written 8.5 years ago by | modified 2.8 years ago by |
Mumbai University >Information Technology>Sem7>Cloud Computing
Marks: 10 M
Year: Dec2011, Dec2014
The auditing & regulating standards currently in effect are:
Gramm-Leach-Bliley Act (GLB)
Sarbanes-Oxley Act (SOX)
Health Insurance Portability & Accountability Act (HIPAA)
Payment Card Industry Data Security Standard (PCI-DSS)
1) GLB Act:
The GLB Act is applicable to financial institutions, which include non-bank mortgage lenders, loan brokers, some financial or investment advisors, debt collectors, tax return preparers, banks and real estate settlement service providers.
GLB's Safeguards Rule requires financial institutions to develop a written plan that describes how the company is prepared for, and plans to continue, protecting clients' nonpublic personal information.
2) SOX
It is applicable to publicly owned companies to prevent corporate fraud.
It is intended to make corporate reporting more transparent.
Its provisions aim to
→ Reduce or eliminate conflicts of interest of independent financial auditors.
→ Improve oversight by boards of directors' audit committees of independent financial auditors.
→ Increase oversight by the Securities and Exchange Commission (SEC) by increasing its budget.
→ Require accounting for employee stock option compensation as an operating expense.
3) HIPAA
HIPAA's Privacy Rule establishes regulations for the use and disclosure of Protected Health Information (PHI).
PHI is any information held by a covered entity that concerns health status or provision of health care and can be linked to an individual.
4) PCI-DSS
It defines control objectives and requirements for compliance for merchants that process, store or transmit a payment cardholder's primary account number, which is 16 digits.
It provides merchants with a Self-Assessment Questionnaire (SAQ), a validation tool intended to assist merchants and service providers in evaluating their compliance with the PCI DSS.
PCI issued a Prioritized Approach framework, which focuses on the following security milestones:
→ If you don't need it, don't store it.
→ Secure the perimeter.
→ Monitor & control access to your system.
→ Protect stored cardholder data.
→ Finalize remaining compliance efforts & ensure all controls are in place.