Our class focuses on integrating several aspects of information security/assurance. Part of an overall integrated approach to achieving a comprehensive information assurance program is compliance management. As you are aware, there are a number of government regulations that affect both the public and private sector. Please read Learn the Science of Compliance.pdf. The author makes a strong case for centralized management of IT compliance and the use of software tools to assist in managing compliance programs. You are the CISO of a large private financial company that is traded on the NY Stock Exchange. You were tasked by the CIO to develop an IT compliance management program for your organization. What approach would you take to develop such a program? What regulations impact the organization? Would you consider the use of a compliance tool? If so, which one and how would you justify the expense? Remember to cite your sources and to give a complete answer to the questions posed above.

    IT Compliance Management Program

    In developing an IT compliance management program for a financial firm, a compliance program should help my firm to recognize potential exposures and the nature of the risks involved, to control and test risks that could affect the quality of my firm, and to integrate a compliance program into the ERM Framework (Buddle, 2005). The best compliance standard for a financial firm should rest on the principles to reduce the delivery time for its clients, ensure security and regulatory compliance, reduce costs through the use of integrated technology, increase staff productivity by making sure there is a seamless process, and finally create a competitive advantage for the business (Frank, 2005). I would use a risk management tool in building the firm's compliance program; the program should be able to assess, test, monitor, evaluate, manage, and communicate the risk. Many off-the-shelf compliance solutions frequently neglect specific needs in the financial industry, needs like risk management and regulatory compliance.



