O'Reilly logo

Information Security Law: The Emerging Standard for Corporate Compliance by Thomas J. Smedinghoff

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Security Controls to Consider

As noted in Section 4.1, many security laws and regulations merely require “reasonable” or “appropriate” security, without any specification as to what security controls are required. Other security laws and regulations, however, do specify a variety of security controls that must be addressed by a company’s security program. But in almost all cases they list only the categories of security controls that must be addressed, without requiring that any specific security controls or technologies be implemented. As explained in Section 5.3, the company selects which security controls to implement (so as to be legally compliant) by reference to the risk assessment.

This chapter identifies and explains the categories ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required