Law and ethics are interrelated, and laws are largely drawn from the ethics of a culture. Various organizations, including the Association for Computing Machinery (ACM), Information Systems Audit and Control Association (ISACA), and Escal Institute of Advanced Technologies (SANS), have established codes of ethics that members are expected to follow. Information security (InfoSec) professionals must have at minimum a rudimentary grasp of the legal and ethical frameworks within which their organization operates. Assessment You were a part of a last-minute meeting that confirmed the need for action in the matter of customer information offered for sale on a public auction site. This was a risk that simply your company was not prepared/planned for. You “the CISO” of the company was assigned to research/investigate this incident. Knowing that the auction site was hosted on a server owned by a company outside of the U.S.,• what best practices would you follow to investigate this case?• Which law enforcement agency do you think you should consult?• On what factors do you base that recommendation? ***I have attached a few references and also chapter readings which include: Ch 13 Regulatory Guidance for Financial Institutions, Ch 14 Regulatory Guidance for the Health Care Sector, and Ch 15 PCI Compliance for Merchants.
Related Completed Projects
Evaluate how the office of the President and Congress impacts public health policy through politics and legislation.
Write a Dissertation on public relations.
Communication ProcessThe graduate applies effective communication techniques and principles to business environments.
In your Case Study Analysis related to the scenario provided, explain the following as it applies to the scenario you were provided (not all may apply to each scenario):