Haha, you guys are all wrong. It's clearly the department-specific policies that matter most. How else are we going to prove we're tailoring our compliance efforts to each business unit?
I'm going to have to disagree with you both. I think change management is the real key here. If we can't properly control and document changes to our systems, that's going to be a huge compliance headache.
I don't know, the communication policy seems pretty important too. We need to make sure we're properly notifying relevant parties about security events and compliance issues.
Hmm, this is an interesting question. I think incident response is the most critical policy for regulatory compliance. If we can't properly respond to and document security incidents, we're going to be in hot water with the auditors.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Staci
8 months agoLuisa
8 months agoAlishia
7 months agoJusta
8 months agoAdell
8 months agoFranklyn
8 months agoAleta
8 months agoDonette
8 months agoLenora
8 months agoCatina
8 months ago