IT Security Compliance Management can make sense

IT Security Compliance Management can make sense

Adrian Wiesmann

published in Magdeburger Journal zur Sicherheitsforschung (2015, #10, p. 661-666)

Info

What kind of internal and external controls from regulations and other sources are there? What is IT-Risk and IT-Compliance management? Why and for whom does it matter? How can we handle it and how does compliance aggregation fit into the picture? We will then look at the SOMAP.org project which is an Open Source project working on tools to handle IT-Compliance aggregation and IT Security compliance management in general. We will discuss why compliance management is not only about hot air but can make sense when done right. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer

BibTeX-Entry für mjs:Wiesmann:Compliance

 1@article{mjs:Wiesmann:Compliance,
 2  author = {Adrian Wiesmann},
 3  title = {IT Security Compliance Management can make sense},
 4  pages = {661-666},
 5  year = {2015},
 6  journaltitle = {Magdeburger Journal zur Sicherheitsforschung},
 7  issn = {2192-4260},
 8  url = {https://d-nb.info/107951208X/34},
 9  codeberg = {https://codeberg.org/0xKaishakunin/Publikationen/src/branch/main/MagdeburgerJournalSicherheitsforschung/MJS_040_WiesmannCompliance.pdf},
10  issue = {2},
11  volume = {10},
12  urldate = {2015-11-24},
13  keywords = {mjsarticle,ds15,compliance,management,regulation},
14  abstract = {What kind of internal and external controls from regulations and other sources are there? What is IT-Risk and IT-Compliance management? Why and for whom does it matter? How can we handle it and how does compliance aggregation fit into the picture? We will then look at the SOMAP.org project which is an Open Source project working on tools to handle IT-Compliance aggregation and IT Security compliance management in general. We will discuss why compliance management is not only about hot air but can make sense when done right. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer},
15}

AsciiDoc citation commands

1. citenp:[mjs:Wiesmann:Compliance]
2. cite:[mjs:Wiesmann:Compliance]
3. bibitem[mjs:Wiesmann:Compliance]

LaTeX citation commands

1. \textcite{mjs:Wiesmann:Compliance}
2. \parencite{mjs:Wiesmann:Compliance}
3. \cite{mjs:Wiesmann:Compliance}

generated at Mon May 12 10:48:34 2025