7 Mistakes of IT Security Compliance - and Steps to Avoid Them

6 likes2,175 views

The document discusses 7 common mistakes made in IT security compliance including: decentralized policy management, failing to establish a common definition of compliance, treating compliance as a tactical issue rather than strategic, failing to test solutions before implementing them, seeing audits as a nuisance, lacking buy-in from administrators, and being unaware of hidden costs of compliance solutions. The document provides examples and effects of each mistake and recommends centralizing policy management, establishing common definitions, taking a strategic approach, thorough testing, viewing audits positively, gaining administrator support, and understanding total solution costs.

Technology

More Related Content

PDF

DSS ITSEC Conference 2012 - RISK & COMPLIANCE

Andris Soroka

PPTX

Pv performance services

Convertitalia

PPTX

Retail Loss Prevention Summit V1.0

chris_carter_brennan01

PDF

Novell Access Governance Suite

Novell

PDF

Newport Computers: IT Asset Recovery Computer Recycling, Refurbished Computer...

newportcomputers

DOC

Iso 9000 iso 9001

billgates3970

PDF

HIPAA HITECH Compliance Assurance Template

data brackets

PDF

2007 issa journal-building a comprehensive security control framework

asundaram1

DSS ITSEC Conference 2012 - RISK & COMPLIANCE

Andris Soroka

Pv performance services

Convertitalia

Retail Loss Prevention Summit V1.0

chris_carter_brennan01

Novell Access Governance Suite

Novell

Newport Computers: IT Asset Recovery Computer Recycling, Refurbished Computer...

newportcomputers

Iso 9000 iso 9001

billgates3970

HIPAA HITECH Compliance Assurance Template

data brackets

2007 issa journal-building a comprehensive security control framework

asundaram1

What's hot (20)

PDF

What Every It Professional Should Know

dinobusalachi

PDF

ComplianceLine Data Sheet

Bryan Rainey

PDF

Continuous Monitoring 2.0

nCircle - a Tripwire Company

PDF

Inv306 going social in a world of grc v.1.1

Arthur Fontaine

PDF

Axmedis2007 Presentation

Carlos Serrao

PDF

Routeco cyber security and secure remote access 1 01

RoutecoMarketing

PDF

soc

Dhirendra Thapa

PDF

Building an Effective GRC Process with TrustedAgent GRC

Tuan Phan

PPT

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

EnergySec

PDF

Sun2 oracle avea's identity management platform transformation

OracleIDM

PDF

Gallagher Systems Catalogue

Claudiu Sandor

PPTX

Iso27001 Audit Services

tschraider

PDF

Software Compliance Management Overview

kevino80

PPT

NERC CIP Compliance 101 Workshop - Smart Grid Security East 2011

dma1965

PDF

Posecco clustering meeting

fcleary

PDF

Rob kloots presentation_issa_spain

Robert Kloots

PDF

Folding Carton Article - ARRAY intro

W. H. Leary Co., Inc.

PDF

Why the Cloud can be Compliant and Secure

InnoTech

PPT

Ch14

vigneshwaran vignesh

PPT

Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...

TheAnfieldGroup

What Every It Professional Should Know

dinobusalachi

ComplianceLine Data Sheet

Bryan Rainey

Continuous Monitoring 2.0

nCircle - a Tripwire Company

Inv306 going social in a world of grc v.1.1

Arthur Fontaine

Axmedis2007 Presentation

Carlos Serrao

Routeco cyber security and secure remote access 1 01

RoutecoMarketing

soc

Dhirendra Thapa

Building an Effective GRC Process with TrustedAgent GRC

Tuan Phan

The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...

EnergySec

Sun2 oracle avea's identity management platform transformation

OracleIDM

Gallagher Systems Catalogue

Claudiu Sandor

Iso27001 Audit Services

tschraider

Software Compliance Management Overview

kevino80

NERC CIP Compliance 101 Workshop - Smart Grid Security East 2011

dma1965

Posecco clustering meeting

fcleary

Rob kloots presentation_issa_spain

Robert Kloots

Folding Carton Article - ARRAY intro

W. H. Leary Co., Inc.

Why the Cloud can be Compliant and Secure

InnoTech

Ch14

vigneshwaran vignesh

Leveraging Technology to Enhance Security, Reliability & NERC-CIP Ver.5 Compl...

TheAnfieldGroup

Viewers also liked (20)

PDF

ikd312-10-transaksi

Anung Ariwibowo

PPT

Automating Policy Compliance and IT Governance

Sasha Nunke

PDF

QualysGuard InfoDay 2014 - Policy compliance

Risk Analysis Consultants, s.r.o.

PPS

Madre Maria de Jesus Crucificado - Fundadora - Irmãs Lourdinas

lourdinas

PDF

Qualys Suite

fepinette

PDF

QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...

Risk Analysis Consultants, s.r.o.

PDF

Mobile,mobile, mobile

KaKi Law

PDF

Ralph Who

Jay Armitage

PPT

Greetings

Livemocha .com

PPTX

Microsoft

Virus91

PDF

Crosscurrents, 2011, Collaboration Counts!

Faye Brownlie

PPT

Wcf.Wfwpi Dignity[1]

Elisabeth Riedl

PDF

Gitified by valentin bora

Valentin Bora

PPTX

Active Channel

Kathleen Buczko

PDF

Get Social Media Guide 2009

Karla Camacho

DOC

비토리 Faq

sdfsadfsdf

PDF

Option 2 - Coast

Robert Logie

PPT

比較の表し方（1)

shingokeihoku

PDF

ikp213-07-stl

Anung Ariwibowo

PPTX

CBI Presentation March 2011

thess1121

ikd312-10-transaksi

Anung Ariwibowo

Automating Policy Compliance and IT Governance

Sasha Nunke

QualysGuard InfoDay 2014 - Policy compliance

Risk Analysis Consultants, s.r.o.

Madre Maria de Jesus Crucificado - Fundadora - Irmãs Lourdinas

lourdinas

Qualys Suite

fepinette

QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...

Risk Analysis Consultants, s.r.o.

Mobile,mobile, mobile

Ralph Who

Greetings

Microsoft

Crosscurrents, 2011, Collaboration Counts!

Faye Brownlie

Wcf.Wfwpi Dignity[1]

Elisabeth Riedl

Gitified by valentin bora

Valentin Bora

Active Channel

Kathleen Buczko

Get Social Media Guide 2009

비토리 Faq

Option 2 - Coast

比較の表し方（1)

ikp213-07-stl

CBI Presentation March 2011

thess1121

Similar to 7 Mistakes of IT Security Compliance - and Steps to Avoid Them (20)

PDF

Lumension LCRM - DSS @Vilnius 2010

Andris Soroka

PPT

Joburg cobit assurance

Aldee2013

PPTX

Security models for security architecture

Vladimir Jirasek

PPTX

Infosec policies to appsec standards ed final

eadams2330

PDF

Better security through IT operations

slighltyanon

PDF

E-Mail Compliance Frameworks in the Real World

Chris Byrne

PDF

Microsoft power point technologies and solutions for it governance prasopchoke

Software Park Thailand

PDF

Information Risk Security model and metrics

Vladimir Jirasek

PDF

High Level Intro

faisalsadaf

PDF

How to implement interoperability

E-Government Center Moldova

PDF

TOGAF 9 - Security Architecture Ver1 0

Maganathin Veeraragaloo

PPT

M014 Confluence Presentation 08 15 06

gbroadbent67

PPT

Cyber crime with privention

Manish Dixit Ceh

PPTX

Simplifying IT GRC

anand choudhary

PDF

DFlabs corporate profile 01-2013

DFLABS SRL

PDF

Cloud Auditing

Jonathan Sinclair

PDF

VSD Infotech

VSD infotech

PPT

Cybersecurity exchange briefing oct 2012 v2

Naba Barkakati

PDF

Feb2008 Monthly Slides 1

Nadir Hussain

PDF

DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Man...

Andris Soroka

Lumension LCRM - DSS @Vilnius 2010

Andris Soroka

Joburg cobit assurance

Aldee2013

Security models for security architecture

Vladimir Jirasek

Infosec policies to appsec standards ed final

eadams2330

Better security through IT operations

slighltyanon

E-Mail Compliance Frameworks in the Real World

Chris Byrne

Microsoft power point technologies and solutions for it governance prasopchoke

Software Park Thailand

Information Risk Security model and metrics

Vladimir Jirasek

High Level Intro

faisalsadaf

How to implement interoperability

E-Government Center Moldova

TOGAF 9 - Security Architecture Ver1 0

Maganathin Veeraragaloo

M014 Confluence Presentation 08 15 06

gbroadbent67

Cyber crime with privention

Manish Dixit Ceh

Simplifying IT GRC

anand choudhary

DFlabs corporate profile 01-2013

DFLABS SRL

Cloud Auditing

Jonathan Sinclair

VSD Infotech

VSD infotech

Cybersecurity exchange briefing oct 2012 v2

Naba Barkakati

Feb2008 Monthly Slides 1

Nadir Hussain

DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Man...

Andris Soroka

More from Sasha Nunke (8)

PDF

Don’t let Your Website Spread Malware – a New Approach to Web App Security

Sasha Nunke

PDF

Cost-effective approach to full-cycle vulnerability management

Sasha Nunke

PDF

Web Application Security For Small and Medium Businesses

Sasha Nunke

PDF

ABC's of Securing Educational Networks

Sasha Nunke

PDF

PCI Myths

Sasha Nunke

PDF

Web Application Scanning 101

Sasha Nunke

PDF

PCI Compliance: What You Need to Know

Sasha Nunke

PPT

Planning and Deploying an Effective Vulnerability Management Program

Sasha Nunke

Don’t let Your Website Spread Malware – a New Approach to Web App Security

Sasha Nunke

Cost-effective approach to full-cycle vulnerability management

Sasha Nunke

Web Application Security For Small and Medium Businesses

Sasha Nunke

ABC's of Securing Educational Networks

Sasha Nunke

PCI Myths

Sasha Nunke

Web Application Scanning 101

Sasha Nunke

PCI Compliance: What You Need to Know

Sasha Nunke

Planning and Deploying an Effective Vulnerability Management Program

Sasha Nunke

Recently uploaded (20)

PDF

Empathic Computing: Creating Shared Understanding

Mark Billinghurst

PDF

Encapsulation_ Review paper, used for researhc scholars

gurumoop

PDF

Dropbox Q2 2025 Financial Results & Investor Presentation

Dropbox

PDF

Mobile App Security Testing_ A Comprehensive Guide.pdf

flufftailshop

PPTX

A Presentation on Artificial Intelligence

memembruh336

PDF

7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf

SOFTTECHHUB

PDF

Building Integrated photovoltaic BIPV_UPV.pdf

SandeepSingh286037

PPTX

PA Analog/Digital System: The Backbone of Modern Surveillance and Communication

AVTRON Technologies LLC

PDF

Modernizing your data center with Dell and AMD

Principled Technologies

PPTX

Understanding_Digital_Forensics_Presentation.pptx

ImranKhan423233

PDF

Diabetes mellitus diagnosis method based random forest with bat algorithm

IAESIJAI

PDF

Build a system with the filesystem maintained by OSTree @ COSCUP 2025

Jian-Hong Pan

PDF

Reach Out and Touch Someone: Haptics and Empathic Computing

Mark Billinghurst

PPTX

Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...

ReZa AdineH

PDF

Machine learning based COVID-19 study performance prediction

IAESIJAI

PDF

Network Security Unit 5.pdf for BCA BBA.

Serpent6

PDF

Peak of Data & AI Encore- AI for Metadata and Smarter Workflows

Safe Software

PDF

Electronic commerce courselecture one. Pdf

OmerMohamed64

PDF

Blue Purple Modern Animated Computer Science Presentation.pdf.pdf

Akar16

PDF

KodekX | Application Modernization Development

KodekX

Empathic Computing: Creating Shared Understanding

Mark Billinghurst

Encapsulation_ Review paper, used for researhc scholars

gurumoop

Dropbox Q2 2025 Financial Results & Investor Presentation

Dropbox

Mobile App Security Testing_ A Comprehensive Guide.pdf

flufftailshop

A Presentation on Artificial Intelligence

memembruh336

7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf

SOFTTECHHUB

Building Integrated photovoltaic BIPV_UPV.pdf

SandeepSingh286037

PA Analog/Digital System: The Backbone of Modern Surveillance and Communication

AVTRON Technologies LLC

Modernizing your data center with Dell and AMD

Principled Technologies

Understanding_Digital_Forensics_Presentation.pptx

ImranKhan423233

Diabetes mellitus diagnosis method based random forest with bat algorithm

IAESIJAI

Build a system with the filesystem maintained by OSTree @ COSCUP 2025

Jian-Hong Pan

Reach Out and Touch Someone: Haptics and Empathic Computing

Mark Billinghurst

Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...

ReZa AdineH

Machine learning based COVID-19 study performance prediction

IAESIJAI

Network Security Unit 5.pdf for BCA BBA.

Serpent6

Peak of Data & AI Encore- AI for Metadata and Smarter Workflows

Safe Software

Electronic commerce courselecture one. Pdf

OmerMohamed64

Blue Purple Modern Animated Computer Science Presentation.pdf.pdf

Akar16

KodekX | Application Modernization Development

KodekX