Regulatory Compliance: Insufficient Protection for Today's Sensitive Data and the Need for a Risk Management Plan

Date of Award


Document Type

Undergraduate Capstone Project

Degree Name

Master of Applied Science

Organizational Unit

University College, Security Management


Security Management

First Advisor

Jon Coombes


Assessment, Compliance, HIPAA, Information, Management, Risk, Security


Regulatory requirements focused on enhancing information security within both the private and public sectors are on the rise. The increase in attention towards compliance with these requirements may serve to promote a false sense of security, as a good risk management plan is the crucial component to protecting against information security threats. Logically, additional security should equal less data theft; however, breaches of sensitive data continue to be a growing problem. This growth may point to a poor understanding of how to conduct proper risk management in conjunction with regulatory compliance. This project will show the need for identifying gaps between compliance and risk management and will provide a risk management guide that can be used to do so.

Publication Statement

Copyright is held by the author. Permanently suppressed.

This document is currently not available here.