From the course: Governance, Risk, and Compliance (GRC) Essentials by Pearson
Understanding system requirements
Now that we've defined the scope of the system, the next step is to identify its specific requirements. These requirements guide the selection and implementation of your controls, ensuring that your system is secure and compliant. System requirements typically fall into two categories. The first are security requirements, which outline how the system protects its data, processes, and assets. The second are privacy requirements, which focus on safeguarding sensitive information and meeting data protection regulations. For example, a healthcare organization might require systems to encrypt patient data to comply with HIPAA. Previously, we talked about security requirements aligning with the CIA triad. Again, for those of you not familiar with this concept, the CIA triad stands for confidentiality, integrity, and availability, and these make up the pillars of security. Let's take a look at the following example for an e-commerce platform. They might have the following security requirements…