Book traversal links for 3.2.2 Regulatory Compliance
3.2.2 Regulatory Compliance
No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 | Status: In-Force |
Versions (3 versions) |
Principle
A process should be established by the Member Organization to identify, communicate and comply with the cyber security implications of relevant regulations.
Objective
To comply with regulations affecting cyber security of the Member Organization.
Control considerations
1. | A process should be established for ensuring compliance with relevant regulatory requirements affecting cyber security across the Member Organization. The process of ensuring compliance should: | |
a. | be performed periodically or when new regulatory requirements become effective; | |
b. | involve representatives from key areas of the Member Organization; | |
c. | result in the update of cyber security policy, standards and procedures to accommodate any necessary changes (if applicable). |