Compliance and Governance requirements brought on by laws and regulations can pose challenges for
businesses, particularly as increased accountability and standards are applied. Many businesses are
subject to some type of regulation compliance such as HIPAA, or more commonly, PCI-DSS.
Board of Directors and shareholders are increasing their requirements for oversight, particularly in best
practices and continuous improvements in cyber-security.
ISO 27001 (or 2 or 5 of w/e)