When selecting security controls within a baseline, or otherwise, organizations need to ensure that the controls comply with certain external security standards. External elements typically define compulsory requirements for an organization. As an example, the Payment Card Industry Data Security Standard (PCI DSS) defines requirements that businesses must follow to process major credit cards.
- Chapter 5 Protecting Security of Assets
- from CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition
- Publisher: Sybex
- Released: September 2015
Use as an example.
Share this highlighthttp://www.safaribooksonline.com/a/cissp-isc2-certified/10972054/