Industry Concerns for the Assessment Site


An issue of major importance is the industry in which the customer organization conducts its business. The amount of legislation, regulation, and industry-related practice that influences the way organizations are run today is phenomenal. It can be a daunting task merely to keep up with the overall legislation, which changes rapidly and regularly, let alone all the industry-specific or best-practice components that affect information security requirements. You will be asking your customer organization's point of contact (POC) for this information, but he or she may not know it all. That is why we usually recommend that you create a base list of questions and ask in a yes/no format whether these specific rules or guidelines apply in the customer environment. This approach might help jog the memory or understanding of the people you are working with. Then, of course, the last question would be a little more open-ended. Here are a few examples of base issues:

- Health Insurance Portability and Accountability Act of 1996 (HIPAA)

- National Institute of Standards and Technology (NIST)

- Sarbanes-Oxley

- Gramm-Leach-Bliley (GLB)

- Financial Management and Accountability (FMA) Act

- Federal regulations

- Family Educational Rights and Privacy Act (FERPA)

- What other regulations, legislation, and guidelines do you follow?

As you can see, we have touched on only a few issues here; many more could come into play, depending on the customer organization's industry. The federal regulations alone can fill multiple pages. Because these areas vary widely and carry a large amount of detailed information, people who understand the regulations that apply to your upcoming environment can often be more difficult to schedule than technical resources, so be sure to find out this information as soon as possible.



This article was sent to us by: Sean Martin at 01312008
