Information Security Policies: Keys to Compliance
All information security and data privacy regulations contain two common elements. First, the organization must adopt a set of information security and privacy policies that reduce organizational risk and protect information assets. Second, the organization must demonstrate cyber security resilience by establishing a cyber security control framework that addresses key cyber security risks and regulatory requirements.
Common Compliance Library
Information Shield publications enable compliance with any information security or privacy regulation through a best-practices approach to managing information security that is based on international standards. Our common security policy library is based on international standards, including ISO 17799 (ISO 27002), the international standard for information security management, and the O.E.C.D. Privacy Principles, the international standard for privacy management. Our publications fit squarely in the model of a “unified” approach to compliance.
IT Security Compliance Made Easy
How do you manage the complexity of your information security program without breaking the bank? ComplianceShield enables any organization to easily manage all information security program requirements in a simple, intuitive program.
Specific Regulations Addressed by Information Shield
While our publications help with any compliance program, we also provide specific information to help enable compliance with a number of security and privacy regulations.
- Gramm-Leach-Bliley Act (GLBA)
- Sarbanes-Oxley Act (SARBOX)
- Payment Card Industry Data Security Standard (PCI-DSS)
- NY State Financial Services (NYS-DFS)
- Healthcare and Pharmaceuticals – HIPAA (Health Insurance Portability and Accountability Act of 1996) and FDA 21 CFR Part 11
- Infrastructure and Energy – FERC and NERC Cybersecurity Standards
- Federal Government – FISMA (NIST 800-53 Standards) and the NIST Cyber Security Framework (CSF)
- Security Frameworks – ISO 27002 (ISO 27001) and COBIT
- State Data Protection Laws – MA State Identity Theft Law (201 CMR 17.00)
- Consumer Protection and Data Privacy – Our publications help with compliance with all data privacy laws, including the California Consumer Protection Act (CCPA), Children’s Online Privacy Protection Act (COPPA), Children’s Internet Protection Act (CIPA) and GLBA
Compliance with Data Privacy Laws
Need to stay up to date with privacy laws and regulations?