HIPAA, PCI DSS and Sarbanes-Oxley (SOX) are well known in information security and business. Despite the fact that the business is aware of these regulations and is willing to support them to avoid sanctions, there still exists a gap when
information security professionals and the business must collaborate to ensure compliance. The result is mismatched expectations and frustration.
This Pocket E-Guide examines using one or more of the compliance regulations as a framework rather than relying solely on the traditional information security guides to build a security framework. By using a compliance-driven framework,
you may be better able to demonstrate how the countermeasures and controls you've been pushing will help the organization support compliance.
Information Security Research Library
