In the previous post in this series, I discussed the process you can use to determine whether a particular IT system is regulated. That post described the first part of a four-part approach to assessing and mitigating risk with regulated IT systems. Today’s post will cover the second part – what to do once you […]