%0 Journal Article %1 mjs:Wiesmann:Compliance %A Wiesmann, Adrian %D 2015 %K compliance ds15 management mjsarticle regulation %N 2 %P 661-666 %T IT Security Compliance Management can make sense %U http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_040_WiesmannCompliance.pdf %V 10 %X What kind of internal and external controls from regulations and other sources are there? What is IT-Risk and IT-Compliance management? Why and for whom does it matter? How can we handle it and how does compliance aggregation fit into the picture? We will then look at the SOMAP.org project which is an Open Source project working on tools to handle IT-Compliance aggregation and IT Security compliance management in general. We will discuss why compliance management is not only about hot air but can make sense when done right. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer

@article{mjs:Wiesmann:Compliance, abstract = {What kind of internal and external controls from regulations and other sources are there? What is IT-Risk and IT-Compliance management? Why and for whom does it matter? How can we handle it and how does compliance aggregation fit into the picture? We will then look at the SOMAP.org project which is an Open Source project working on tools to handle IT-Compliance aggregation and IT Security compliance management in general. We will discuss why compliance management is not only about hot air but can make sense when done right. This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences“. Edited by Stefan Schumacher and René Pfeiffer}, added-at = {2021-09-19T18:42:17.000+0200}, author = {Wiesmann, Adrian}, biburl = {https://www.bibsonomy.org/bibtex/2967d772a96e45769c51154b5d684b8b9/steschum}, interhash = {ebf74bcad1b4523af1aebb248db9e475}, intrahash = {967d772a96e45769c51154b5d684b8b9}, issn = {2192-4260}, journaltitle = {Magdeburger Journal zur Sicherheitsforschung}, keywords = {compliance ds15 management mjsarticle regulation}, number = 2, pages = {661-666}, timestamp = {2021-10-22T17:15:30.000+0200}, title = {IT Security Compliance Management can make sense}, url = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_040_WiesmannCompliance.pdf}, urldate = {2015-11-24}, volume = 10, year = 2015 }