CHAPTER 3: LEGISLATIVE AND REGULATORY COMPLIANCE CONCERNS

“It's strange that men should take up crime when there are so many legal ways to be dishonest.” Author unknown, quoted in Sunshine magazine

Overview of the Regulatory and Statutory Landscape

A critical input to IT strategy and governance is the set of policies and requirements the business must meet for legal and regulatory compliance. ISO/IEC 27001:2005 Clause 4.2.1 b) 2) is a mandatory clause for any organization seeking ISO 27001 certification (or aiming to meet the intent of ISO 27001), and it states:

“Define an ISMS (Information Security Management System) policy in terms of the characteristics of the business, the organization, its location, assets and technology that takes into account business and legal ...
