Laws, Regulations, and Standards


Something important that is missing from the META Security Group Information Security Policy Framework is any acknowledgement that the organization must comply with external security and privacy laws, regulations, and standards. One possible reason is that the framework was created before there were so many compliance rules. Or perhaps the framework is meant to be a general example, whereas most regulations are industry-specific.

Your assignment for this module is to write a brief (no more than two pages) summary of the major U.S. and industry laws, regulations, and standards with which HIC, Inc. must comply. Include a short description of each that may include highlights of security controls or safeguards that are required by the rules. Your list must include not only any of the relevant rules you have read about in this module, but also the relevant privacy and security rules of the U.S. state or territory where you live (assume that HIC, Inc. is incorporated in your state).

Note that for this assignment you may need to locate and read the original text of the rules to determine what the major security controls or safeguards are. Don’t depend on the textbooks alone to give you a complete list (in the real world, you wouldn’t, would you?). Because compliance with the rules is so critical for organizations, there are many online materials that can help you interpret the original rule documents. Find and make use of them.
