Foundstone - Policy & Regulatory Compliance
Many organisations are required to conform
to industry-specific regulations to protect electronic data. Information
breaches have serious consequences in these sectors, and companies
that do not comply face heavy fines and possible legal action.
Foundstone Professional Services has helped numerous companies
understand and meet these complex regulations in a way that exceeds
business requirements and maximizes investments.
BII Foundstone has expertise in the following regulatory
areas:
- Sarbanes-Oxley (SOX) – Assurance of information
systems processing financial records.
- Gramm-Leach-Bliley Act (GLBA) – Provides
new tools to financial organisations, and protects Non-Public
customer Information and Personally Identifiable customer Information.
- FFIEC – Risk Assessment in accordance with
banking regulatory guidelines.
- Health Insurance Portability and Accountability
Act (HIPAA) – Provides new regulations to protect Personal
Health Information.
- BS7799 (ISO17799) – Guidelines and best
practices for security management.
- NIST 800-30 – Risk assessment guidelines
for government and civilian information systems.
- Children’s Online Privacy Protection Act
(COPPA) – Regulates collection of children’s personal
information.
- SB1386 – Mandatory reporting of customer
information disclosure for California residents.
- ISO15408 (Common Criteria) – A framework
to evaluate IT security.
Government organisations are responsible for meeting the widest
range of rules and regulations. Industry-leading consultants use
tools and methodologies designed specifically to address the special
needs of this sector. They implement strong, flexible security solutions
that meet the limited budgets of government organisations.
If you would like to contact a member of
our consultancy team today, please either telephone or email:
Tel: +44 (0) 1622 618 752
Email: foundstone@bii-compliance.com