CISSP certification: Legal and regulatory issues.

As IT Security Professionals, we need to understand that laws and regulations have a huge influence on how we work.
We need to know some of them and understand how the rest work.

  • There are 4 types of laws that are covered on the exam and are important to your job as an IT Security Professional.
    • Criminal Law:
      • “Society” is the victim and proof must be “beyond a reasonable doubt”.
      • Incarceration, Death and Financial fines to “Punish and Deter”.
    • Civil Law (Tort Law):
      • Individuals, groups or organizations are the victims and proof must be “the Majority of Proof”.
      • Financial fines to “Compensate the Victim(s)”.
    • Administrative Law (Regulatory Law):
      • Laws enacted by Government Agencies (FDA Laws, HIPAA, FAA Laws, etc.). Proof must be “More likely than not”.
    • Private Regulations:
      • Compliance is required by contract (for instance, PCI-DSS).

IT security trainer.
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et al.
