Information Security: Regulatory Requirements for Compliant Information Security Management

An area that I’m passionate about is information security compliance.   As a compliance professional with a focus on cybersecurity risk management, it is my role to help companies understand the importance of abiding by the handful of important regulations and standards that manage information security risks.

Applicable information security regulations may vary by industry, but some of the most notable standards and rules include:  HIPPA, NIST, SOX, GDPR, ISO 27001 and PCI-DSS.  Many companies’, information technology functions fall under the rubric of one or possibly more of these regulations and standards.  My goal is to inform small businesses of these requirements and what they can do to comply.

Therefore, over the coming weeks, I will be posting installments discussing the specific requirements of these rules and standards, and providing my professional suggestions on how and why small businesses must comply.  Included in these posts will be analyses of the repercussions for non-compliance and examples of non-compliant companies in the news.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.