Purpose
Compliance is important because it is the act of following laws, rules, and regulations that apply to an organization. For an organization to be compliant it involves following laws and regulations by interpreting them so that policies and procedures can be defined. By you researching some of the various real world standards and laws you will not only recognize how they are there to protect individuals but also realize the impact that they have on an organization.
Task
Given the following list of international and domestic information security standards and compliance laws, choose one standard or law and describe its real-world implementations in both private and public sectors.
Information security standards:
- American National Standards Institute (ANSI)
- Institute of Electrical and Electronics Engineers (IEEE)
- International Electrotechnical Commission (IEC)
- International Organization for Standardization (ISO)
- International Telecommunication Union Telecommunication Sector (ITU-T)
- Internet Architecture Board (IAB)
- Internet Engineering Task Force (IETF)
- National Institute of Standards and Technology (NIST)
- Payment Card Industry’s Data Security Standards (PCI DSS)
- World Wide Web Consortium (W3C)
Compliance laws:
- Children’s Internet Protection Act (CIPA)
- Family Educational Rights and Privacy Act (FERPA)
- Federal Information Systems Management Act (FISMA)
- Gramm-Leach-Bliley Act (GLBA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Sarbanes-Oxley (SOX) Act
Criteria
- Format: Microsoft Word
- Font Arial, Size 12, double-space
- Length: 2- 3 pages
