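<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <meta http-equiv="X-UA-Compatible" content="ie=edge">
  <title>Effective Security Compliance</title>
  <style>
    /* Reset default spacing so the mind map can fill the whole viewport. */
    * {
      margin: 0;
      padding: 0;
    }
    #mindmap {
      display: block;
      width: 100vw;
      height: 100vh;
    }
  </style>
  <!--
    Supply-chain note: the stylesheet and the three scripts below come from
    cdn.jsdelivr.net at pinned versions, but without Subresource Integrity.
    The page therefore trusts whatever the CDN serves for those URLs.
    To harden it, either self-host reviewed copies or add
    integrity="sha384-<HASH_OF_REVIEWED_FILE>" crossorigin="anonymous"
    to each tag. The hash above is a placeholder and must be computed from
    the exact file that was reviewed.
  -->
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/markmap-toolbar@0.17.0/dist/style.css">
</head>
<body>
  <!-- Render target: Markmap.create() below draws the mind map into this SVG. -->
  <svg id="mindmap"></svg>

  <script src="https://cdn.jsdelivr.net/npm/d3@7.8.5/dist/d3.min.js"></script>
  <script src="https://cdn.jsdelivr.net/npm/markmap-view@0.17.0/dist/browser/index.js"></script>
  <script src="https://cdn.jsdelivr.net/npm/markmap-toolbar@0.17.0/dist/index.js"></script>

  <!--
    The two inline scripts below need a nonce or hash if a Content-Security-Policy
    without 'unsafe-inline' is applied to this page.
  -->
  <script>
    // Toolbar setup. It is deferred with setTimeout so that it runs after the
    // next script has assigned window.mm.
    (r => {
      setTimeout(r);
    })(() => {
      const { markmap, mm } = window;
      const { el } = markmap.Toolbar.create(mm);
      // Pin the toolbar to the bottom-right corner of the page.
      el.setAttribute('style', 'position:absolute;bottom:20px;right:20px');
      document.body.append(el);
    })
  </script>
  <script>
    // Builds the mind map from the embedded tree and publishes it as window.mm.
    //
    // The node `content` strings carry HTML markup (<strong>...), so the viewer
    // evidently inserts them as markup rather than plain text. If this tree is
    // ever generated from input that is not fully trusted, sanitize it before
    // embedding, and escape any closing script tag sequence inside the data so
    // it cannot end this script element early.
    //
    // The tree literal must stay free of raw line breaks inside its string
    // values: a newline inside a double-quoted JS string is a syntax error and
    // would stop the map from rendering.
    ((getMarkmap, getOptions, root2, jsonOptions) => {
      const markmap = getMarkmap();
      window.mm = markmap.Markmap.create(
        "svg#mindmap",
        (getOptions || markmap.deriveOptions)(jsonOptions),
        root2
      );
    })(() => window.markmap,null,{"content":"Effective Security Compliance","children":[{"content":"Compliance Reporting","children":[{"content":"<strong>Internal</strong>: Reporting within the organization to management, board of directors, or other internal bodies about the organization's compliance status.","children":[],"payload":{"lines":"4,5"}},{"content":"<strong>External</strong>: Reporting to external bodies, such as regulatory agencies or third-party auditors, typically mandated by law or industry standards.","children":[],"payload":{"lines":"5,7"}}],"payload":{"lines":"2,3"}},{"content":"Consequences of Non-compliance","children":[{"content":"<strong>Fines</strong>: Monetary penalties imposed by regulatory bodies for violations.","children":[],"payload":{"lines":"9,10"}},{"content":"<strong>Sanctions</strong>: Restrictions or other punitive actions, which could limit an organization's operations.","children":[],"payload":{"lines":"10,11"}},{"content":"<strong>Reputational Damage</strong>: Negative public perception can lead to loss of customers or partners and decreased stock value.","children":[],"payload":{"lines":"11,12"}},{"content":"<strong>Loss of License</strong>: Regulatory bodies might revoke licenses, barring the organization from operating in specific domains or regions.","children":[],"payload":{"lines":"12,13"}},{"content":"<strong>Contractual Impacts</strong>: Non-compliance can lead to breaches of contracts with partners, customers, or other entities.","children":[],"payload":{"lines":"13,15"}}],"payload":{"lines":"7,8"}},{"content":"Compliance Monitoring","children":[{"content":"<strong>Due Diligence/Care</strong>: Proactively ensuring that all efforts are made to comply with regulations and best practices.","children":[],"payload":{"lines":"17,18"}},{"content":"<strong>Attestation and Acknowledgement</strong>: Formal declarations, often by senior management, confirming adherence to compliance requirements.","children":[],"payload":{"lines":"18,19"}},{"content":"<strong>Internal and External</strong>: Regular internal checks and external audits or assessments to verify compliance.","children":[],"payload":{"lines":"19,20"}},{"content":"<strong>Automation</strong>: Using automated tools and software to monitor and enforce compliance continuously.","children":[],"payload":{"lines":"20,22"}}],"payload":{"lines":"15,16"}},{"content":"Privacy","children":[{"content":"<strong>Legal Implications</strong>: Varying privacy laws and regulations depending on the region or country, such as GDPR in Europe or CCPA in California.","children":[{"content":"<strong>Local/Regional</strong>: Laws and regulations at the municipal or state/provincial level.","children":[],"payload":{"lines":"25,26"}},{"content":"<strong>National</strong>: Country-specific regulations.","children":[],"payload":{"lines":"26,27"}},{"content":"<strong>Global</strong>: International standards or agreements.","children":[],"payload":{"lines":"27,28"}}],"payload":{"lines":"24,28"}},{"content":"<strong>Data Subject</strong>: An individual whose personal data is being collected, processed, or stored.","children":[],"payload":{"lines":"28,29"}},{"content":"<strong>Controller vs. Processor</strong>:","children":[{"content":"<strong>Controller</strong>: Entity that determines the purposes and means of processing personal data.","children":[],"payload":{"lines":"30,31"}},{"content":"<strong>Processor</strong>: Entity that processes personal data on behalf of the controller.","children":[],"payload":{"lines":"31,32"}}],"payload":{"lines":"29,32"}},{"content":"<strong>Ownership</strong>: Determining who owns the data, often the data subject in many regulations, and ensuring that rights are respected.","children":[],"payload":{"lines":"32,33"}},{"content":"<strong>Data Inventory and Retention</strong>: Keeping a clear record of what data is held, where, and for how long.","children":[],"payload":{"lines":"33,34"}},{"content":"<strong>Right to be Forgotten</strong>: An individual's right to have their data erased from an organization's records, a principle highlighted in GDPR.","children":[],"payload":{"lines":"34,36"}}],"payload":{"lines":"22,23"}}],"payload":{"lines":"0,1"}},{})
  </script>
</body>
</html>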