Historically, compliance audits were difficult and costly, driving many organizations to choose to assume the risk of not really knowing the organization’s posture in terms of compliance. Today, a number of software solutions are able to reach out into a network and perform controls and configuration testing against a set of criteria matched to specific laws, regulations, and statutes. Commonly available software tests for the Sarbanes-Oxley Act (also known as SOX), the Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA), with variations among product packages as to other functionality that can be tested.
The CIO of a local medical device company is concerned about how well his employees are complying with the laws and regulations that apply to his organization. He asks you to research and deliver recommendations for the tools and resources you will need to purchase a suitable software package. Following that recommendation, you are to use the software to determine the level of compliance and to identify any areas of weakness. Finally, you are asked to report back to him on mitigations that will strengthen the organization’s regulatory compliance posture.
Use the study materials and engage in any additional research needed to fill in knowledge gaps. Then discuss the following:
Hi there! Click one of our representatives below and we will get back to you as soon as possible.