Legal Compliance Alignment - Part I - IT Governance, Risk, and Compliance


Feb 12 2009   10:22PM GMT

Legal Compliance Alignment - Part I



Posted by: Robert E. Davis
Information Asset Protection, Information Security Governance, Information Security Management, Sarbanes Oxley Act, Foreign Corrupt Practices Act, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, IAP, ISG, ISM, SOX, SOA, FCPA, GLBA, HIPAA

Institutionalized information security governance defines the information-asset safeguarding perimeter inside which an entity should operate. Legal compliance management, by contrast, ensures that the structural boundary segments are sturdy and that the entity consistently fulfills its mission within externally imposed demarcation lines. Generally, determining an entity's legal mandates exceeds the security function's ambit. Nonetheless, overseeing the design, implementation, and monitoring of applicable legal requirements is a security function imperative. Aligning information security governance with legal compliance management allows an entity to enhance its ethical culture while concurrently reducing judicial risk.
