Chapter 1. The Need for Information Systems Security Compliance

IN THE EARLY TO MID-2000s, many large corporations suffered public failures. Since then, a number of compliance laws have been introduced. Many of these laws and regulations place an increased responsibility on information technology (IT) staff. This increased responsibility ensures they have proper information system controls throughout the environment to provide the necessary security of customer data. In addition, they ensure the integrity of the systems upon which business processes run.

Compliance goes beyond just conforming to internal policies and standards. Compliance extends outside of the organization, mapping to external regulations and industry standards. Regular assessments ...

Get Auditing IT Infrastructures for Compliance now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.