Chapter 7. The Role of Standards
Technical standards, guidelines, best practices, and industry customs all play an important role in assisting companies as they work through the process of addressing their information security needs. But what role do they play, if any, in addressing legal compliance? In particular, given the many laws and regulations addressing security worldwide, are there any standards that a business can comply with and be assured of meeting all of its legal obligations (particularly on a global basis)?
Standards and industry customs
Standards, guidelines, best practices, and industry custom and usage all offer possible approaches to determining what level of security is appropriate in a given situation.
Standards are perhaps ...