Being compliant with applicable laws and regulations is one of the four major goals of an information security program. Because of the growing importance of information security, there are many laws and regulations, and we can expect more to emerge in the coming years. This course outlines a few of the more common laws and regulations you're likely to find in multinational organizations.
Regulations have the force of law, and violating them could mean heavy financial penalties. This course explores regulations and compliance considerations as they relate to governance, risk, and compliance (GRC) in multinational organizations.
You will determine how to establish the importance of building regulatory compliance into a company's IT security program. You will then examine Personally Identifiable Information (PII) and Protected Health Information (PHI). This leads into the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), and corporate governance in the banking industry in terms of Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations.