PART II: PRINCIPLES
I often get asked the question – How can we become compliant? – only to give the ubiquitous answer: it depends. Have you wondered why the same techniques can work wonders for one organization, yet flounder in another? There is yet an interim step between seeing a gap and taking action.
In Part I: Elements, we explored the “what” of an IT control, slicing it from six perspectives. Before we get to the “how” in Part III: Strategies – techniques that can be employed to attain or sustain IT compliance through effective control design – we need to take an interim step: recognize the ways and means that elements can be structured to lead to a desirable outcome.
Seen in this light, the section on Principles is a bridge that gets ...
Get Compliance by Design: IT Controls that Work now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
