Chapter 2: Security Policies, Compliance, and Professional Responsibilities

📖 Key Topics Covered

▸ Describe key regulatory frameworks including HIPAA, PCI DSS, and GDPR
▸ Security Policies
▸ Types of Security Policies
▸ Acceptable Use
▸ Policy (AUP)
▸ Password Policy
▸ Specifies requirements for
▸ Establishes procedures for
▸ Response Policy
▸ Remote Access
▸ BYOD Policy
▸ Change Advisory Board before
▸ Policy Hierarchy
▸ Regulatory Compliance
▸ Key Regulations and Standards

🔑 Key Terms

Authorization Due Care Due Diligence Guidelines Humans Policies Procedures Regulatory Compliance Organizations Standards

See the full definitions in the Glossary and test yourself with Flashcards.

Assessment Tips

💡 Assessment Tip

Understand the difference between policies, standards, procedures, and guidelines. Policies and standards are mandatory; guidelines are recommendations. Procedures are the "how‐to" documents that implement standards. Regulatory Compliance Organizatio

← Chapter 1 All Chapters Chapter 3 →