As vice president of the Sudbury, Mass.-based consultancy SystemsExperts, Richard E. Mackey Jr. has seen a common problem when auditing companies that need to comply with various regulations: customers don't know how to structure their policies and elements of an overall regulatory compliance program.
Resellers and solution providers can help companies by initiating and creating a layout that will handle any and every compliance requirement.
In this video, Mackey reviews a compliance program structure that will allow your customers to fit in any variety of regulations and guidelines: PCI DSS, MA 201 CMR 17, Nevada 603A and every other privacy law or legislation that may appear in the future.
Mackey reviews the essential elements of the compliance program, including sample policy structure, organization and policy, asset management, risk assessment, information classification and handling, human resources and training, access control and more.
This was first published in July 2010