Resources for Federal Financial Institutions Examination Council (FFIEC)

The Tangled Web of Information Security Compliance

www.iht.com

In any given boardroom today, you can find abundant discussions analogous to someone blurting out letters from an alphabet soup can. Acronyms like PCI, HIPAA, ISO 17799, SOX and GLBA erupt from the mouths of executives who have the "deer caught in headlights" look as they speak these acronyms. The acronyms are various types of regulatory compliance standards and guidelines. Each of these compliance acronyms affects their own specialized space from credit card processing to healthcare, and even how to implement proper security controls as a public company. Some are regulatory, with government backing, and others are simply best practices and standards created by councils or independent organizations. They all have abundant threads of information security throughout them. The key is any of them can cost a company a great deal of money, time, and lost business if the company is not willing to abide by the requirements which lie within them. On the other side of the coin, it costs a substantial amount of money, time and business interruption to gain compliance in each area. Luckily there is a simple and cost effective way to approach the tangled web of compliance.

View the Resource

Share or bookmarklet this web page at: