Answer & Explanation: Our class focuses on integrating several aspects of information
security/assurance. Part of an overall integrated approach to achieving a
comprehensive information assurance program is compliance management. As
you are aware, there are a number of government regulations that affect both the
public and private sectors. Please read Learn the Science of Compliance.pdf (attached). The author makes a
strong case for centralized management of IT compliance and the use of software
tools to assist in managing compliance programs.
You are the CISO of a large private financial company that is traded on the
NY Stock Exchange.  You were tasked by the CIO to develop an IT compliance
management program for your organization.  What approach would you take to
develop such a program?  What regulations impact the organization? 
Would you consider the use of a compliance tool?  If so, which one, and how
would you justify the expense?
Remember to cite your sources and to give a complete answer.
Answer must be at least 250 words.
Posted a complete and coherent response to the discussion topic.
Fully addresses the discussion topic or question and demonstrates understanding of concepts.
4.  Includes at least one trustworthy and scholarly resource in
the response and uses correct APA formatting for the citation and reference.

Learn the Science of Compliance to Survive
Douglas Schweitzer
Computerworld; Jul 31, 2006; 40, 31; ABI/INFORM Global
pg. 28
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.

