1. For each of the following companies, list all of the compliance laws/rules with which each must comply.
a. Panera Bread – Compliance laws/rules with which Panera Bread must comply are:
• Sarbanes-Oxley Act (SOX)
• Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS) and PCI Pin Transaction Security (PCI PTS)
b. Blue Cross/Blue Shield - Compliance laws/rules with which Clue Cross/Blue Shield must comply are:
• Sarbanes-Oxley Act (SOX) because WellPoint, Inc. is independent licensee of the Blue Cross and Blue Shield Association
• Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS) and PCI Pin Transaction Security (PCI PTS);
• Gramm-Leach-Bliley Act (GLB) Act;
• Health Insurance Portability and Accountability Act (HIPAA);
• The Health Information Technology for Economic and Clinical Health Act (HITECH);
c. FedEx – Compliance laws/rules with which FedEx must comply are:
• Sarbanes-Oxley Act (SOX)
• Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS) and PCI Pin Transaction Security (PCI PTS);
• Card Organizations Rules
• Electronic Fund Transfer Act, Regulation E (EFTA) because FedEx has their own bank
• Gramm-Leach-Bliley Act (GLBA) Act because FedEx has their own bank
• NIST Guidelines for Media Sanitization
• Open Web Application Security Project (OWASP)
• InfoSec Compliance Requirements
• ISO Security Standards
d. Helena Chemical - Compliance laws/rules with which Helena Chemical must comply are:
• Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA DSS) and PCI Pin Transaction Security (PCI PTS);
• Customs-Trade Partnership Against Terrorism (C-TPAT) – import chemicals;
• H.R. 2868: The Chemical Facility Anti-Terrorism Standards Regulation;
• OSHA Standards,
• Hazard Communication Standard...