HOW TO ACHIEVE REASONABLE COMPLIANCE

In considering what reasonable compliance may be defined as, one must first recognize that no safe harbor rules have been promulgated by the Government; therefore, a sensible approach to defining reasonable compliance involves focusing on the standard artifacts found within an INFOSEC program.

We believe that reasonable compliance for most legislative acts can be achieved by establishing an INFOSEC program generally containing the following:

• Periodic Assessments
• Data Security Plan
• Business Continuity/Disaster Recovery Plans
• Identity Access Management
• Procedural/Administrative/Technical system controls
• Security policy infrastructure
• Active program management
• Incident Response Plan
• Vulnerability Scanning & Remediation
• Physical Security/Environmental Security
• Personnel Security
• Security awareness & Training
• System (& Security) Development LifeCycle (SDLC) (where applicable)
• Supply Chain research
• Emerging and evolving threat and technology research
• Security trends and Legislative requirements
• Periodic Documentation Updates

Protect your business, protect your clients.
We are the leverage you need.
We're here to help.

TAI, Inc.©

2020 © DataSecurityPlan.Com.  All Rights Reserved.