Category Archives: Company Blog

John Ford of Sienna Group to speak at Informatica World

The EU General Data Protection Regulation (GDPR) poses significant obligations to all organizations that process the personal data of EU citizens. For instance, personal data must be deleted when legal grounds do not exist for keeping it. Many organizations face significant challenges to determine which personal data they can keep and for what purpose, especially […]

Did the Government make the Right Decision regarding CUI Implementation? Part 3 of our 3 part CUI series.

I must apologize for this final CUI segment taking so long.  Every time I thought I was ready to publish, something new to talk about popped up.  Initially, I was going to talk about the importance of communicating CUI to the organization and the potential pitfalls of a data classification policy in a company that […]

GDPR & Data Discovery – Just like eating an elephant, where do you start?

The Art of Knowing: The required compliance date for the EU GDPR is officially less than two months away. And although we’ve heard the warnings about the importance of this regulation, not to mention the heavy hand that’s going to accompany it, many organizations remain extremely unprepared. As part of the Regulation, organizations must know […]

Preparing for a compliance audit…and why companies aren’t … Part 2 Steps to Compliance

In my last article I discussed compliance in an ideal world, but then talked about the reality that companies face regarding compliance efforts in the real world.  If you are ready to move your organization’s compliance and security posture closer to the ideal world, here are seven steps every IT organization should take whether they […]

Preparing for a compliance audit…and why companies aren’t

Ideal World: In an ideal world, a robust Information Security Program is a prominent feature of any IT or service organization’s security, compliance and audit strategy. An overseeing governance, risk and compliance committee, comprised of key stakeholders, would complete a risk assessment prior to a service being launched. Including having process and system risks […]

Sienna Group chosen for 20 Most Promising Compliance Technology Solution Providers

The Sienna Group is recognized by CIO Review magazine, as part of its annual listing, as a company at the forefront of providing compliance solutions and impacting the marketplace. Read the Article in CIO Review Magazine. Visit our website.

Managing Controlled Unclassified Information (CUI) – Part Two of a Three Part Series

In my first blog on Controlled Unclassified Information (CUI), I discussed ways in which your organization could get started with the Defense Federal Acquisition Regulation Supplements (DFARS) compliance activities around CUI and the deadline of December 31, 2017.  Hopefully, everyone reading this part two of the three-part series has created the policies required to identify, […]

End-of-Year Security Assessment Checklist

  We are closing in on another completed circle around the sun. A journey that has produced, yet again, more newsworthy data breaches that eclipsed those of yesteryear. Common headline, different time. Although these breaches are raising organizational and consumer awareness, we still commonly encounter two familiar end-of-year themes: Your organization is scrambling to execute […]