O'Reilly logo

IT Regulatory Compliance in North America by Alan Calder

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 1: INTRODUCTION

A key challenge for all IT executive teams is to ensure that the organization avoids breaches of any criminal or civil law, as well as any statutory, regulatory or contractual obligations, and of any security requirements.

Control A.15.1.1 of ISO/IEC27001:2005 (the best-practice information security management standard) provides guidance that is relevant to the IT governance of every organization. It says that the organization should explicitly define and document the statutory, regulatory and contractual requirements for each of its information systems, and that this documentation should be kept up-to-date to reflect any relevant changes in the legal environment.

The specific controls and individual responsibilities ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required