Initial conversion of Compliance chapter to rst
Implements: blueprint sec-guide-rst Signed-off-by: Dave Walker (Daviey) <email@daviey.com> Change-Id: Iafd576aeb940416a7ab698d5353dae3be0d3a464
This commit is contained in:
parent
bacb1b3aa9
commit
89e04016db
|
@ -1,3 +1,25 @@
|
|||
==========
|
||||
Compliance
|
||||
==========
|
||||
|
||||
An OpenStack deployment may require compliance activities for many
|
||||
purposes, such as regulatory and legal requirements, customer need,
|
||||
privacy considerations, and security best practices. The Compliance
|
||||
function is important for the business and its customers. Compliance
|
||||
means adhering to regulations, specifications, standards and laws. It is
|
||||
also used when describing an organizations status regarding assessments,
|
||||
audits, and certifications. Compliance, when done correctly, unifies and
|
||||
strengthens the other security topics discussed in this guide.
|
||||
|
||||
This chapter has several objectives:
|
||||
|
||||
- Review common security principles.
|
||||
|
||||
- Discuss common control frameworks and certification resources to
|
||||
achieve industry certifications or regulator attestations.
|
||||
|
||||
- Act as a reference for auditors when evaluating OpenStack
|
||||
deployments.
|
||||
|
||||
- Introduce privacy considerations specific to OpenStack and cloud
|
||||
environments.
|
||||
|
|
Loading…
Reference in New Issue