IT Governance, Risk, and Compliance

Apr 25 2013   8:08PM GMT

Revisiting the Safeguarding of Information Assets – Part X

Robert Davis Robert Davis Profile: Robert Davis

Even when compliance requirements extend internationally, managerial responsibility to prevent and detect illegal acts continues without regard to organizational formation origin.  Given this fiduciary obligation, an entity’s management typically utilizes policies, directives, procedures, standards, rules, validation and monitoring as control conduits to obtain reasonable assurance that security related illegal acts are prevented or detected on a timely basis.

Institutionalized ISG defines the information assets safeguarding perimeter inside which an entity should operate.  Whereas, legal compliance management ensures structural boundary segments are sturdy and the entity consistently fulfills its mission within externally imposed demarcation lines.  Aligning ISG with legal compliance management allows an entity to enhance cultural ethics while concurrently reducing judicial risks.  Predicatively, laws will continue to be enacted and the regulatory environment will become more complex due to unacceptable conduct remediation.  Consequently, entities will continue to be compelled to demonstrate compliance with legal mandates — especially laws governing data retention and privacy — that can differ by hemisphere, country, province, county, city, as well as industry.  In this increasingly complex regulatory environment, most entities should balance their focus on compliance imperatives without diminishing anticipated response quality to governmental edicts.

Source:

Apgar, Chris. “Complying with multiple regulations and contending with conflicts.” Search400.com, September 6, 2005.  http://search400.techtarget.com/tip/0,289483,sid3_gci1122854,00.html (accessed April 21, 2008).

Booz, Allen, and Hamilton. Convergence of Enterprise Security Organizations. N.p.: The Alliance for Enterprise Security Risk Management, 2005. http://www.issa.org/Downloads/ConvergenceStudyNov05.pdf (accessed April 21, 2008).

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: