Ensuring compliance for an organization is an essential requirement for any security group. Virtually every company is impacted by regulatory oversight that stipulates demands that resonate in information security. Even organizations that are not affected by external demands will want to ensure they are in compliance with internal requirements, such as policy, standards, and processes.

Compliance management within the ASMA is responsible for ensuring the company is compliant with external industry regulations and standards as well as internally defined policy and standards as they relate to information security. These activities not only address compliance throughout the organization, but also include compliance within ...