Security Think Tank: How businesses can achieve compliance and security

What is regulatory compliance? According to Wikipedia, “Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and regulations”.

Such laws and regulations are typified in the UK by the likes of the Data Protection Act, Regulations of Investigatory Powers Act, the LSE’s Combined Code and PCI-DSS.

One common feature of the examples I have chosen is that without the maintenance of good (information) security basics, you cannot hope to achieve an acceptable level of regulatory governance.

In other words, implementation and maintenance of good (information) security basics is a necessary part of achieving regulatory compliance.

Peter Wenham is a committee member of the BCS Security Forum strategic panel and director of information assurance consultancy Trusted Management.

Security Think Tank: How businesses can achieve compliance and security

Part 1. Adrian Davis, Information Security Forum (ISF)

Part 2. John Colley, (ISC)2


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in April 2012


COMMENTS powered by Disqus  //  Commenting policy