CHAPTER 9: STEP 9 – MAINTAINING AND DEMONSTRATING COMPLIANCE

Maintaining regulatory compliance requires your entity to be able to demonstrate that the systems are secure, and that adequate processes and procedures are in place to quickly address any gaps in your security posture. For publicly traded entities, this can include detailed reports for financial systems as required by Sarbanes-Oxley (SOX) and corporate governance requirements detailed in the Combined Code 2006.

All entities need to contend with the growing number and complexity of legal and regulatory compliance requirements – irrespective of size. FISMA (US), SOX, the Data Protection Act, the European Directive, California SB 1386 (US); and of course the Payment Card Data Security Standard ...
