CISSP certification: Legal and regulatory issues.

Post author:Thor Pedersen
Post published:September 15, 2017
Post category:CISSP Certification / CISSP, CISM, CISA, and PMP BLOG / IT security / Updates

Legal and regulatory issues.

As IT Security Professionals we need to understand that laws and regulations have a huge influence on how we work.
We need to know some of them and understand how the rest work.

There are 4 types of laws covered on the exam and important to your job as an IT Security Professional.
- Criminal Law:
  - “Society” is the victim and proof must be “beyond a reasonable doubt”.
  - Incarceration, Death and Financial fines to “Punish and Deter”.
- Civil Law (Tort Law):
  - Individuals, groups or organizations are the victims and proof must be ”the Majority of Proof”.
  - Financial fines to “Compensate the Victim(s)”.
- Administrative Law (Regulatory Law):
  - Laws enacted by Government Agencies (FDA Laws, HIPAA, FAA Laws etc.) Proof “More likely than not”.
- Private Regulations:
  - Compliance is required by contract (For instance PCI-DSS).

Tags: (ISC)², CISSP, CISSP CBK, CISSP Certification, CISSP class, CISSP domains, CISSP Practice questions, CISSP Salary, CISSP study, CISSP training

Thor Pedersen

IT, information security, and project management trainer Best selling CISSP. CISM, and PMP instructor on Udemy. CISSP, CISM, C|EH, CDPSE, PMP, 2x CCNP, CompTIA Security+, SCP, 3x CCNA, et. Al.

CISSP certification: Legal and regulatory issues.

Thor Pedersen

You Might Also Like

CISM Domain 2 was just approved on Udemy!

IT security: NSA Crypto challenge of the week!

CISSP Friday-Five Questions: Identity and access management.