By JohnWeathington (User) on
Thursday, June 26, 2008
Okay, we’ve already learned the prevention is the best medicine. But what do we do when we cannot put preventive controls in place? This article answers that question and more, with more examples and data architecture considerations.
|
By JohnWeathington (User) on
Thursday, June 19, 2008
In this article, we discuss the importance of understanding your “Really As-Is” process, and the big mistake companies make when building process documents. Then, we explore a data architecture for continuously auditing your process in an automated fashion.
|
By JohnWeathington (User) on
Thursday, June 12, 2008
In today’s article, we discuss the different types of controls, the best type of control, and considerations for how these controls can be worked into the data architecture of your company.
|
By JohnWeathington (User) on
Thursday, June 05, 2008
In this article, I scratch the surface on the growing concern of data privacy. We’ll discuss how the industry has reacted to the concern, and how you might start to solution for it.
|
By JohnWeathington (User) on
Tuesday, June 03, 2008
What do you do when your company consistently has compliance weak points that don’t seem to go away? This article explores this condition, and provides the steps that your company will need to go through – and how you will support it.
|
By JohnWeathington (User) on
Thursday, May 22, 2008
For years now, agile development has been an extremely efficient way to get results while keeping the customer happy. However there are perils, especially for the database people. This article gives you a primer for what to expect, and how to succeed.
|
By JohnWeathington (User) on
Thursday, May 15, 2008
If dead people are accessing your database, data breach is right around the corner. In this week’s blog, we discuss database access management concerns, and how to architect a compliance system to handle them.
|
By JohnWeathington (User) on
Thursday, May 08, 2008
Here we take a look at end users sending data back to the database. Is it a good idea? What are some of the reasons why your end users would want to do this? And, four key tips to consider when designing in this functionality.
|
By JohnWeathington (User) on
Thursday, May 01, 2008
For the last couple of weeks we’ve been talking about controls. Here we round out our series by talking about Segregation of Duties ( SOD ) as a way to keep things in control. Here are some key tips for designing systems that demonstrate control with SOD.
|
By JohnWeathington (User) on
Thursday, April 24, 2008
As a follow on to last week’s blog about controlling with reconciliation, in this blog we look at another common control – approvals. Here are some key tips for designing systems that demonstrate control with approvals.
|
By JohnWeathington (User) on
Thursday, April 17, 2008
In the compliance world, reconciliation is more than just making sure your data loaded properly. Here are some key tips to using reconciliation as a control in your compliance data system.
|
By JohnWeathington (User) on
Thursday, April 10, 2008
When audits are involved, you are guilty until proven innocent. Here are 4 key strategies to employ in the design of your compliance data system, that will prove your company’s innocence.
|
By JohnWeathington (User) on
Thursday, April 03, 2008
An introduction to Compliance Data Systems – a data system for the auditors. Here we explore the need, and see where it fits into the technical architecture.
|
By JohnWeathington (User) on
Thursday, March 27, 2008
Inaugural entry for John Weathington’s Quest for Compliance. Here we get introduced to John, get clear on some compliance related definitions, and get acquainted with the impact compliance has on DBAs, database developers, and IT managers.
|