CHAPTER 9: STEP 9 – MAINTAINING AND DEMONSTRATING COMPLIANCE

Maintaining regulatory compliance requires your entity to be able to demonstrate that the systems are secure, and that adequate processes and procedures are in place to quickly address any gaps in your security posture. For publicly traded entities, this can include detailed reports for financial systems as required by Sarbanes-Oxley (SOX) and corporate governance requirements detailed in the Combined Code 2006.

All entities need to contend with the growing number and complexity of legal and regulatory compliance requirements – irrespective of size. FISMA (US), SOX, the Data Protection Act, the European Directive, California SB 1386 (US); and of course the Payment Card Data Security Standard ...
