Risk Management for Compliance Discussion
400-600 words
From the following list of international and domestic information security standards and compliance laws, choose one standard or law and describe its real-world implementations in both the private and public sectors:
Information Security Standards
- American National Standards Institute (ANSI)
- Institute of Electrical and Electronics Engineers (IEEE)
- International Electrotechnical Commission (IEC)
- International Organization for Standardization (ISO)
- International Telecommunication Union Telecommunication Sector (ITU-T)
- Internet Architecture Board (IAB)
- Internet Engineering Task Force (IETF)
- National Institute of Standards and Technology (NIST)
- Payment Card Industry’s Data Security Standards (PCI DSS)
- World Wide Web Consortium (W3C)
Compliance Laws
- Children’s Internet Protection Act (CIPA)
- Family Educational Rights and Privacy Act (FERPA)
- Federal Information Systems Management Act (FISMA)
- Gramm-Leach-Bliley Act (GLBA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Sarbanes-Oxley (SOX) Act