Elements and Performance Criteria
- Implement compliance systems
- Monitor and assess the information security compliance practices of personnel according to enterprise policy and procedures
- Maintain ongoing and effective communications with key compliance stakeholders
- Conduct internal audits to determine if information security control objectives, controls, processes, and procedures are effectively applied and maintained, and perform as expected
- Evaluate compliance systems