informa
Slideshow

7 Considerations Before Adopting Security Standards

Here's what to think through as you prepare your organization for standards compliance.
Decide Whether Compliance Is Enough
Scope the Project Carefully
Know Why the Company Wants to Use the Standard
Determine How the New Standard Aligns to the Company's Plans for Growth
Determine What It Will Cost to Comply with the Standard
Training and Preparation
Develop and Implement a Maintenance Regimen
1/7

ISO 27001. PCI DSS. GDPR. When it comes to business and security standards, it's easy to get lost in the alphabet soup of acronyms.

How can you discern which ones are right for your organization? Start by asking some high-level questions as to what you hope to accomplish by adopting them – and how adhering to standards can help your growth, says Khushbu Pratap, a senior principal analyst at Gartner who covers risk and compliance.

"The most important questions to ask [are]: Are your customers asking for it, and do your stakeholders think a particular standard is important?" says Pratap.

Assuming the answers are yes, there are additional factors to think through before moving ahead with a strategy for compliance. The seven practical tips outlined in this feature will help. Heavily regulated organizations typically have special teams that work on these standards, but even for them, use this list as a chance to take a step back and better target your standards compliance and certification teams.

 
Next slide
Recommended Reading: