Recent Comments
Tag Archives: internal auditing
SSNS ON THE LOOSE! (Legacy Edition)
I’m trying to understand the newsworthiness of the latest episode of “SSNS On The L0OzE. OMG!!1!!” Some dude in the mail room puts a bunch of computer tapes in the wrong slot, according to the AP report in the Houston … Continue reading
Posted in Uncategorized
Tagged breach notification, disclosure laws, internal auditing, physical security, sb1386, security
Leave a comment
Waffle are Just Pancakes with Little Squares On ‘Em
I’ve been working on something, but I don’t know if it will make by race time in Shanghai. In the meantime, the most important part of internal auditing is “production value.” And we know what that means.
Posted in Uncategorized
Tagged internal auditing, risk assessment, tapeheads, waffles
Leave a comment
The Red, Yellow and Green Legos of Judgment
I’m out here in Coyote and Roadrunner land, knee deep in internal auditing. I co-presented yesterday on privacy, as a co-author of an Institute of Internal Auditing publication.It’s been a interesting couple of days, driven in part by the isolation … Continue reading
One Man’s Trash
The righteous fury of Texas Attorney Abbott was last month stymied by an elite cadre of county clerk ninjas who conjured a shambling legislative behemoth to crush his valiant effort to protect the privacy of Texans.Abbott screwed his courage to … Continue reading
Posted in Uncategorized
Tagged consumer, identity theft, internal auditing, physical security, texas
Leave a comment
Auditing Privacy Part 2 – Risk Assessment of Data Loss
The easy way to assess privacy risks is to focus on the impact of data theft to the organization by including the private data as a corporate asset. There are well documented methods to identify the vulnerabilities in means of … Continue reading
Posted in Uncategorized
Tagged identity theft, internal auditing, privacy, risk assessment
Leave a comment
Auditing Privacy Part 1 – Ethics and the Canon
It would comfort many compliance auditors to discover the ultimate checklist and tear after their organization’s privacy program, collecting tick marks and developing the dreaded deficiency finding. I say to them, “Google is your friend.” For the more enlightened internal … Continue reading
More Questions than answers
This evening has been spent practicing for my SXSW day show: a brief discussion about privacy for which some auditors will be getting CPE. As a result, I have also spent the evening listening to my voice slowly decay into … Continue reading
It’s the Crime, Not the Tool
Tim Wilson at Dark Reading on IT Security: The New Big Brother: “To identify potential insider threats, IT must monitor end users’ behavior by scanning email, tracking network activity, and even watching employees for “trigger” events that might cause disgruntlement. … Continue reading
Posted in Uncategorized
Tagged airport security, fraud, insider threat, internal auditing, privacy, security
Leave a comment
The One In Five 