There are layers of security policy, regulations, and laws that play a part in risk assessment and management. There are also tools and resources available to help guide information security professionals in how to comply with those regulations and policies. For this assignment, consider the context of a publicly traded IT services firm doing business in Denver, Colorado.
Based on the resources and discussions you have completed in Units 3 and 4, write a paper of at least four pages that addresses the following:
- Analyze the role that policies and procedures play in the selection of specific regulatory compliance tools and controls.
- Evaluate existing regulatory compliance tools and controls.
- Apply a regulatory compliance tool within a specific organization.
- Explore the factors important to consider when evaluating a regulatory compliance tool for use in a specific context.
- Written communication: Written communication is free of errors that detract from the overall message.
- APA formatting: Resources and citations are formatted according to APA (6th edition) style and formatting.
- Length of paper: At least 4 pages, excluding the references page.
- Font and font size: Times New Roman, 12 point.