IT Governance, Risk, and Compliance

Apr 11 2013   8:24PM GMT

Revisiting the Safeguarding of Information Assets – Part VI

Robert Davis

Regulatory agencies are generally designed to operate with minimum executive or legislative supervision. Theoretically, a commission of experts is more suitable for regulating an industry’s activities than legislative or executive oversight committees. Usually, regulatory agencies are empowered with executive, legislative, and judicial functions, and their regulations have the force of law.

Simultaneous compliance with multiple legal mandates can create unique challenges for most entities. Potential compliance hurdles include distinct internal management groups pursuing equivalent goals; diverse audit perspectives, priorities, and requirements; and confusion resulting from redundant controls. For instance, cross-compliance with the Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), and Gramm-Leach-Bliley Act (GLBA) may generate muddled responses regarding the importance of certain security controls for a U.S.-based ‘publicly held’ corporate conglomerate.
