Here is a recent whitepaper that might be of interest to the IAM and security community, "Avoiding the 7 Most Common Mistakes of Compliance" (registration is required to get a copy ...):

"At the most basic level, there is no single standardized framework or terminology that explicitly defines what your organization must do for compliance. Instead, there are many frameworks with conflicting requirements. Terminology is often vague or interpreted differently within organizations and between geographic regions. Ambiguity abounds due to lack of a universal philosophy of compliance.

A big challenge for security professionals is navigating this ambiguity. Check out this white paper for an in-depth review of the seven most common mistakes of security compliance and tips on using these lessons to meet your compliance goals."

--- Posted by Marco Casassa Mont (here and here)  ---

--- NOTE:  use this mirror blog if you prefer posting on an external blog site  ---