Options

Security regulatory compliance beginner

codeacecodeace Member Posts: 38 ■■□□□□□□□□
in Other Security Certifications
Morning folks!

Most InfoSec job postings require that I have substantial knowledge on regulatory compliance standards. What am I expected to know?

Any good place to start with learning about SOX / PCI etc?
Everything happens for a good reason! Don't question it. Just accept it :)
· Share on FacebookShare on Twitter

Comments

  • Options
    dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    It depends on the industry. GLBA for financial, HIPPA for healthcare, SOX for auditing, etc. PCI is more general and applies to merchants who accept card payments.

    If you don't have any preference, I'd gain a high-level overview of all of them, and if it every comes up in an interview, just stress your willingness to learn the details.
    · Share on FacebookShare on Twitter
  • Options
    JDMurrayJDMurray Admin Posts: 13,029 Admin
    There are some good SOX and PCI discussions and references to materials on LinkedIn.com.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • Options
    GAngelGAngel Member Posts: 708 ■■■■□□□□□□
    All my training was usually on the job. Auditors used to give us huge volumes to go over and then we'd get updates via dvd usually. HIPPA and SOX I learned while working for a pharma company and PCI at my latest gig. CISA type stuff just more focused. Most don't need you to memorize the details they just want to know that you've either worked in a company that follows the procedures or you understand what the standards are for and why they're currently used. They'll train you as to how the standards apply to them personally.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.