CISM - Information Security Governance - Section 1.2
Identify legal, regulatory and contractual requirements that shape the information security governance framework.
Identify the legal obligations, regulatory requirements such as GDPR, and contractual requirements that directly influence the design of an information security governance framework. Distinguish which requirements impose mandatory controls and which permit the organisation to choose compliant implementation approaches.
Regulatory complianceLegal obligationsContractual requirementsGDPR
More in this domain
Back to all Information Security Governance objectives, or the CISM cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.