The importance of having a global overview of your IT conformity
Data is the new oil for the century. We generate and store more and more data. It becomes important and legally required to manage information security and pricacy. Simple to say but in reality we face lots of norms and regulations (ISO/IEC 27001:2013, COBIT 5 for information security, ISF Standard of Good Practices 2013, SANS 20 Critical Security Controls, PCI/DSS 3, AICPA Generally Accepted Privacy Principles, CSA Cloud Security Controls, NIST…. ) and it becomes difficult to get an overview of operations conformity and maturity.