Today’s regulatory environment is increasingly complex, the penalties for failure unattractive and the route to effective compliance not clear. ISO 27001 provides a best-practice solution to the range of regulatory issues faced by directors.

Organizations have traditionally responded to regulatory compliance requirements on a law-by-law, or department-by-department basis. That was, last century, a perfectly adequate response. There were relatively few laws, compliance requirements were generally firmly established and well-understood, and the jurisdictions within which businesses operated were well-defined.

Over the last decade, all that has changed. Rapid globalisation, ...