Security Think Tank: How businesses can achieve compliance and security
What is regulatory compliance? According to Wikipedia, “Regulatory compliance describes the goal
that corporations or public agencies aspire to in their efforts to ensure that personnel are aware
of and take steps to comply with relevant laws and regulations”.
Such laws and regulations are typified in the UK by the likes of the Data Protection Act, Regulation
of Investigatory Powers Act, the LSE’s Combined Code and PCI-DSS.
One common feature of the examples I have chosen is that without the maintenance of good
(information) security basics, you cannot hope to achieve an acceptable level of regulatory
In other words, implementation and maintenance of good
(information) security basics is a necessary part of achieving regulatory
Peter Wenham is a committee member of the BCS Security Forum strategic panel and director of
information assurance consultancy Trusted Management.
This was first published in April 2012