Security Think Tank: How businesses can achieve compliance and security

What can businesses do to make regulatory compliance a priority without losing focus on security basics?

What is regulatory compliance? According to Wikipedia, “Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and regulations”.

Such laws and regulations are typified in the UK by the likes of the Data Protection Act, the Regulation of Investigatory Powers Act, the LSE’s Combined Code and PCI-DSS.

One common feature of the examples I have chosen is that without the maintenance of good (information) security basics, you cannot hope to achieve an acceptable level of regulatory governance.

In other words, implementation and maintenance of good (information) security basics is a necessary part of achieving regulatory compliance.

Peter Wenham is a committee member of the BCS Security Forum strategic panel and director of information assurance consultancy Trusted Management.

Security Think Tank: How businesses can achieve compliance and security

Part 1. Adrian Davis, Information Security Forum (ISF)

Part 2. John Colley, (ISC)2


This was first published in April 2012


