Proactive vs. Reactive Compliance Management

Much of my time spent working is focused on performing technology assessments against some kind of baseline. Most of the time, these are specific government or industry standards like HIPAA, NIST, ISO and PCI. But when some of my clients reach out to me about evaluating their environment in light of these standards, it’s often done out of a feeling of obligation in which they are reacting to some kind of demand from whoever is overseeing their work.

View More »