Hello, I'm a student at the University of Advancing Technology (UAT) and this week we've been learning about the Plan, Do, Check, Act methodology for implementing an information management security system. Our reading explains about PDCA and how an organization should use it to obtain an ISO 27001 certification.
In our reading there was a note about possible conflicts within different across national, state, and local laws and regulation. Does anyone have any knowledge or experience with how an organization handles this scenario? Which laws would takes legal precedent? Is it case by case, a general rule of thumb, or a clear winner in all cases?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!