
3/15/23, 3:19 PM The 2023 Information Security Thermometer

The 2023 Information Security Thermometer

* Required

4. Information Security Compliance


(Estimated completion time: 3 mins)
An organisation must adhere to external laws and regulations and internal controls within the
organisation. Organisations are subject to ever-changing requirements established by external
regulators, including government agencies, stock exchanges or industry bodies. Legislation is
broader and almost always generated within a country’s government, while regulations are more
specific and detail how legislation should be enforced within a certain region or industry.


33. Please confirm your organisation's readiness to comply with the following,
by selecting the applicable option for each one: *

Response options: Fully compliant / Somewhat compliant / Planning to be compliant / Not applicable to my organisation / Unsure

Regulation of Interception of Communications Act 70 of 2002 (RIC Act)

Payment Card Industry Data Security Standard (PCI DSS)

KING IV Code of Governance for SA

Electronic Communications and Transactions Act 25 of 2002 (ECT Act)

Protection of Personal Information Act (POPIA)

Cybercrimes Act 19 of 2020 of South Africa


34. Which standards or best practice guidelines do you currently use in your
organisation? Please select the applicable level of utilisation for each one *

Response options: Fully utilised / Somewhat utilised / Not utilised / Planning to utilise / Not applicable for my organisation / Unsure

ISO 27001/2 (Information Security)

ISO 27701 (Privacy Management)

COBIT 4.1

ITIL 4.0

Information Security Forum (ISF)

NIST Cybersecurity Framework (CSF)

CIS Critical Security Controls (CIS Controls)

MITRE ATT&CK


35. What is your position on achieving external ISO 27001 certification for
your company? *

We are not convinced of the business benefits and are not considering certification

We have conducted a gap analysis against ISO 27001 and wish to comply with the ISO
27001 requirements

We are seriously considering obtaining ISO 27001 certification

We have already achieved ISO 27001 certification

Unsure

36. Is there anything you would like to add to the information you have
provided in this section? *

Yes

No
