California Senate Bill 1386 (SB 1386), passed in September 2002, requires every private or public company operating in the State of California that collects personal data to protect such information from theft and fraud. The legislation also requires corporations to notify their customers if any of their financial or personal information has been compromised.
Organizations that fail to comply with SB 1386, also known as the California Breach Disclosure Act, can be punished with fines or other penalties.
The Modulo Risk Manager knowledge base includes the ISO 27002 framework to help your organization meet SB 1386 requirements.
How Modulo Risk Manager helps your business maintain SB 1386 compliance:
- Reduces the time needed to undertake compliance procedures
- Provides a thorough business review to help your organization map which elements are required to implement relevant security measures
- Helps your organization develop clear awareness of the criticality level of each asset by providing a step-by-step procedure to implement actions required for compliance
- Keeps the knowledge base updated for ISO 27002 related controls
- Produces technical reports (including specific procedures required to implement controls) and executive reports (with executive summaries and a list of critical problems)
- Provides for storage and retrieval of evidence that can be used in internal and external audit processes
- Generates reports with risks ranked according to their level of criticality, thereby helping the organization prioritize activities designed to reduce these risks






