Ask Rebecca Herold your IT compliance questions!
 Contact Rebecca Herold
 through email, the
 discussion board, or IM.
  Learn more...


Presented by Realtimepublishers
About our Community Minimize is a Realtime Community, an independent production of Although our community is brought to you by the generous support of the corporate sponsor NetIQ, we work hard to ensure that the community remains an independent, objective voice, where you can come to learn more about IT Compliance technologies and products, and where you can communicate with your peers and industry experts regarding IT Compliance issues, techniques, and more. In order to help ensure the community's objectivity, any materials provided by our sponsor–including technical expertise in the Discussion Forums–is clearly identified through the use of the sponsor's corporate logo.

Our community leader is Rebecca Herold, who has more than 16 years of experience in information security, privacy and compliance.  Rebecca is an independent consultant, author and instructor and assists organizations of all sizes with their information privacy, security and regulatory compliance programs. Rebecca has a B.S. in Math and Computer Science and an M.A. in Computer Science and Education.  Rebecca is a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), a Certified Information Systems Manager (CISM), and a Fellow of the Life Management Institute (FLMI). Rebecca has been a member of the Information Systems Audit and Control Association (ISACA) since 1990 and has held all board positions throughout her membership in the Iowa chapter. Rebecca is a charter member of the Iowa Infragard chapter that was formed in 2000, and a member of the International Association of Privacy Professionals (IAPP). Prior to owning her own business, Rebecca filled key privacy and security roles.  She was Vice President, Privacy Services and Chief Privacy Officer at DelCreo, Inc., Chief Privacy Officer and Senior Security Architect for QinetiQ Trusted Information Management, Inc., Global Security Practice Central Region Security Subject Matter Expert at Netigy and Senior Systems Security Consultant at Principal Financial Group.  Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group which was awarded the CSI Outstanding Security Program of the Year Award in 1997.  Rebecca is also an adjunct professor for the Norwich University Master of Science in Information Assurance (MSIA) program.

Rebecca authored The Privacy Papers (Auerbach) in 2001, The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach) in 2003, The Business Executive Practical Guides to Compliance and Security Risks book series (Realtime Publishers) in 2004, Managing an Information Security and Privacy Awareness and Training Program (Auerbach) in 2005, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers) in 2005 and The Privacy Management Toolkit (Information Shield) in 2006.  Rebecca has also authored chapters for several books, and has been writing a monthly information security and privacy column for the Computer Security Institute (CSI) Alert newsletter since 2001, in addition to regularly contributing articles to other publications.  Rebecca is also a frequent speaker at seminars and conferences, and teaches information security and privacy workshops through CSI.  Rebecca lives in the country near Des Moines, Iowa.  Her personal website is and she can be reached at

We invite you to browse around, participate in the Discussion Forums, and enjoy all our community has to offer. New content is added to the community on a weekly basis, and our community leader checks in regularly to help answer questions and provide advice. We also invite you to lend your expertise by contributing to the community: Answer a question in the Discussion Forums, suggest a new IT Compliance resource you've found, and so forth.



About our Sponsor Minimize

NetIQ's Knowledge-Based Service Assurance products and solutions include embedded knowledge and tools to implement industry best practices and to better ensure operational integrity, manage service levels and risk and ensure policy compliance. NetIQ delivers compliance and risk management solutions with deep security knowledge resulting from years of experience and hundreds of customer deployments. NetIQ solutions enable companies to successfully automate and apply the right controls to their environment and report on regulatory compliance in the most cost effective manner. NetIQ helps customers assure compliance in order to:

  • Meet regulations and policies
  • Report on compliance metrics
  • Manage IT risks
NetIQ’s modular, best-of-breed solutions for Performance & Availability Management, Security Management, Configuration & Vulnerability Management, and Operational Change Control integrate through an open, service-oriented architecture allowing for common reporting, analytics and dashboards. For more information about NetIQ, visit or call (888) 323-6768.


About Realtimepublishers Minimize
rtp-logo-white-(150x73).gif is a Web 2.0 marketing and publishing firm providing a unique portfolio of expert interactive communities and web-based content products across multiple delivery channels. The company’s marketing services adhere to the highest permission-based standards to assist its clients with thought-leadership development and customer education. is the creator of the renowned eBook programs and Realtime Communities - sponsored interactive forums for expert knowledge sharing and education. continues to be the worldwide leader in corporate-sponsored e-publishing. We publish high-quality publications, which are free to readers, on the websites of industry-leading companies around the world. Our publications are published on a chapter-by-chapter basis, as they are written. This unique concept of publishing in "real time" provides readers with the information they need on today's critical IT topics, and our sponsors with valuable content for their website visitors. publications are changing the standards by which corporate website content is judged.