As a head of compliance in the financial sector, you’re acutely aware that rapid digitisation and evolving cyber threats call for unwavering vigilance. The Digital Operational Resilience Act (DORA), in operation since January 2023 and applicable from January 2025, serves as your guiding beacon amidst the sea of IT and cybersecurity risk management. DORA and ICT Risk Management At the … Read More
Choosing a compliance framework for your business
What is a compliance framework? In the past decade, a host of data privacy regulations have been introduced to combat the growing risk of cyber threats in today’s increasingly interconnected digital world. Companies must comply with these regulations to secure customers’ personal data – or risk leaving themselves susceptible to data breaches, as well as the financial, legal, and reputational … Read More
What is a COBIT framework?
Control Objectives for Information and Related Technology (COBIT) is a framework created by the Information Systems Audit and Control Association (ISACA) as a supportive tool for managers. The framework allows for bridging the gap between business risks, technical issues, and control requirements. COBIT is a globally recognised guideline that can be applied to any industry. The COBIT framework ensures quality, … Read More
What are information security standards?
An information security standard is a series of documented processes that define how to implement, manage, and monitor various security controls. As well as providing a blueprint for mitigating risk and reducing vulnerabilities, cybersecurity standards and cybersecurity frameworks typically detail the necessary steps for achieving regulatory compliance. Let’s look at information security standards, why they’re important, and the consequences of failing … Read More
How does the Digital Operational Resilience Act (DORA) affect you?
RiskXchange can help you stay on the right side of data privacy regulations anywhere in the world. The ever-increasing risk of cyberattack has prompted the EU to adopt legislation to improve the cybersecurity and operational resilience of the financial services sector – the DORA Act. The Digital Operational Resilience (DORA) Act was implemented to ensure that the European financial sector is able to remain … Read More
How to choose a cybersecurity framework that works for you
A cybersecurity framework provides security teams with a set of standards and a common language across borders and industries to understand security postures. A cybersecurity framework helps define the procedures and processes that your organisation must follow to monitor, assess and mitigate cybersecurity risk. Let’s take a closer look at the most common cybersecurity frameworks. … Read More
GDPR compliance checklist for 2022
The barometer for ensuring that your business is compliant with privacy and security laws is to abide by the General Data Protection Regulation (GDPR). However, very few organisations are fully compliant, which could leave them wide open. Non-compliant organisations could face fines of up to £18 million or 4% of annual global turnover, if that’s a greater sum. With that shocking … Read More
What is SOC 2?
Why SOC 2 compliance is important for protecting sensitive data and building customer trust SOC 2 (Systems and Organisations Controls 2) is a comprehensive reporting framework used for the assessment and subsequent testing of controls relating to the Trust Services Criteria (TSC) of security. It’s basically a set of compliance requirements outlining what companies should adhere to when using cloud-based … Read More
Why use compliance monitoring as a part of your cybersecurity program?
Compliance monitoring is a key part of any cybersecurity program. It is a continuous process used to ensure staff are following procedures and policies put in place to protect company assets. Regulatory compliance monitoring is key to spotting potential issues in any organisation’s function or operations. However, it is now becoming extremely difficult for companies around the world to meet their regulatory … Read More