The Project

The business problem and objective of the entire project.

Compliance with regulatory and industry standards (including but not limited to information security) is a must for organisations that want to operate above board, avoid contingent liabilities, and meet and satisfy customers' needs. However, compliance evidencing is a huge cost to businesses, especially where they have to evidence compliance with multiple requirements governed and policed by different authorities.

Information security is very important for all organisations. There is a multitude of information security regulatory and industry standards that most organisations/businesses need to comply with. The costs of compliance audits and evidential proof of compliance can be daunting.

This project is the development of a framework to help businesses optimise the value and minimise the cost of reviewing and proving compliance.

RCL director Gabriel Akindeju has given me a project to create a platform that allows companies to select a set of regulatory instruments and industry standards that impact their business. The platform will then be able to perform a minimal set of walk-through reviews that will meet all of the requirements of the identified instruments.

Evidential proof of compliance can then be generated within the period of validity of the review and records to satisfy all of the business stakeholders.

My main task is to analyse a few of these regulatory instruments and industry standards and classify them. Using this analysis, I am to create a foundation for a platform that can be used, maintained and updated in the future.