As part of the RSA Compliance Solutions team, I meet with companies all over the world to discuss their security challenges and priorities. Inevitably, I spend much of my time discussing ... you guessed it ... compliance.
It is eye-opening to see how differently our customers and partners, as well as folks within RSA, define compliance. From what I've seen, most will immediately gravitate towards the notion of meeting the stated or implied security requirements within governmental mandates, such as Sarbanes-Oxley and HIPAA. In addition, "compliance" certainly conjures up images of the PCI Data Security Standard, which isn't surprising considering how many organizations these requirements impact. What we don't tend to see initially is a broader view of compliance...





