Data privacy and data protection regulations, and best practices, require organizations to implement both technical and organisational measures appropriate to the nature of data access and processing, and the associated risks of course. Organizations need to ensure there are appropriate processes in place to test the effectiveness of both technical controls and policies, but also....

Enterprise risk remains one of the most significant concerns for businesses in the information age. As more businesses start embracing remote work, managing risk in digital environments becomes even more vital. Risk management stems from how the enterprise sees its data. As more companies start investing in business intelligence, the safety of business data rises....

When the Three Lines of Defense Model started to get traction within companies a few years ago, I was often asked to explain how software could support the process better, and sometimes even what it really meant for control, risk and audit departments. To me, this model always made sense, and helped companies go well....

Introduction In this blog post, we will learn how to mask “ID Number” field in Birth Certificate (BC), Driver’s License (DL), and Social Insurance Number (SN) sub-types of Personal IDs (0185) Info-type of transaction SE16/PA20/PA30. For other Sub-types, ID Number field will remain unmasked. Attribute based authorizations are dynamic determination mechanism which determines whether a user is authorized to access specific data sets which can be based on....