Selling Information Security to the Board by Alan Calder

CHAPTER 10: LEVERAGING REGULATORY COMPLIANCE

A well-prepared, well-organised, trusted adviser is likely to gain an audience from senior managers to talk through proposals for enabling the organisation to outperform its competitors, while removing non-compliance risk to the bottom line.

Identify a relevant law or regulation that has IT-related compliance requirements: the UK’s Data Protection Act (‘DPA’), HIPAA and GLBA in the United States, PIPEDA in Canada, and so on. Identify the gaps between your current actual practice and what the law requires you to do, focusing on the bigger issues, the areas of non-compliance which are likely to trigger the bigger problems. Under the UK’s DPA, for instance, the absence of a Fair Processing Notice on ...