Awareness module on compliance

This awareness and training module delves into the monitoring/oversight and enforcement aspects of compliance - 'playing by the rules'. Both the organization as whole, and workers individually, are obliged to comply with various rules concerning information security. Some rules are imposed on us by external authorities in the form of laws and regulations (e.g. GDPR/privacy, PCI DSS), others we impose on ourselves through corporate policies, procedures.Although easily overlooked, people need to be made aware of the security rules, helped to understand and appreciate their obligations, and motivated to comply. There are numerous laws and regulations relating to information security, far too many for us to cover in detail. On top of that, we are not lawyers and this is not legal advice. Therefore, we can only talk in general terms about the legal and regulatory side. We face the same constraint with corporate security policies: we are not familiar with your policies, or with your current ...