search:
               

• Say What You Do Products
• Effective Technical Communication
• Inclusive modeling -- how to diagram your processes
• Audience, clarity, logic, and brevity
• Word choices
• Does you use correct grammar?
• Eats, shoots, and leaves
• Frameworks
• The major frameworks used for establishing IT controls
• Analyzing the acceptance of framework controls
• A guideline for scoping controls
• Why it is a bad idea to cut and paste from the standards
• How capability maturity relates to frameworks
• Policies
• Effective Technical Communication
• Creating policies
• Should we (and do we) label media appropriately?
• Procedures
• Documenting your procedures
• Standards
• Documenting organizational standards
• Authors
• Rebecca Herold, CISSP, CISA, CISM, FLMI
• Dorian J. Cougias
• Marcelo Halpern
• Say What You Do eBook bundle
• Free IT policy guide
• Say What You Do eBook Edition
• Forms, Templates, and Samples
• Say What You Do toolkit
• Systems and Information Classification Standards
• Change Management
• Information Assurance Compliance Maturity Model Index (IACMMI)
• The Language of Compliance
• Systems and Info Classification

Rebecca is an information privacy, security and compliance consultant, author and instructor with her own company since mid-2005, Rebecca Herold, LLC. Rebecca has over 16 years of privacy and information security experience, and assists organizations in all industries throughout the world of all sizes with all aspects of their information privacy, security and regulatory compliance programs. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the 1998 CSI Information Security Program of the Year Award. Rebecca is also an Adjunct Professor for the Norwich University Master of Science in Information Assurance program.

Rebecca has served as a board and council member of various organizations, and is currently on the Norwich University Journal of Information Assurance Board of Review. Rebecca is frequently interviewed and quoted in diverse publications such as Consumer Financial Services Law Report, hcPro Briefings on HIPAA, SC Magazine, SearchSecurity, Information Security, Business 2.0, Disaster Resource Guide, The Boston Herald, Pharmaceutical Formulation and Quality, IT Business Edge, Fortifying Network Security, IT Architect, CIO Strategy Center, Physicians Weekly, IEEE's Intelligent Systems, Cutter IT Journal and others, including the "Privacy Piracy" California radio broadcast.

Prior to owning her own business, Rebecca served in key privacy and security roles. She was Vice President, Privacy Services and Chief Privacy Officer at DelCreo, Inc., Chief Privacy Officer and Senior Security Architect for QinetiQ Trusted Information Management, Inc. (Q-TIM), the Global Security Practice Central Region Security Subject Matter Expert for 2 years at Netigy. Prior to joining Netigy, Rebecca was at Principal Financial Group (PFG) where she was responsible for the corporate information security and privacy program.

Rebecca authored many books; some of them include The Privacy Papers (Auerbach) in 2001, co-authored The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach) in 2003, Managing an Information Security and Privacy Awareness and Training Program (Auerbach) in 2005, the Privacy Management Toolkit (Information Shield) in 2006 and co-authored Say What You Do in 2007. Rebecca has also authored chapters for dozens of books along with over one hundred other published articles. She has been writing a monthly information privacy column for the CSI Alert newsletter since 2001 and contributes articles to other publications regularly. Rebecca has a B.S. in Math and Computer Science and an M.A. in Computer Science and Education.

Contact Information

Tel: (515) 491-1564
E-mail: rebeccaherold@rebeccaherold.com