Security regulation compliance is intended to help institutions comply with the interagency guidelines that establish information security standards. Through compliance, an organization summarizes its obligations to protect customer information and illustrates how certain provisions of the security guidelines apply to its particular situation. Some organizations still receive little management support or funding for a sound information security policy program. Over the last few years, several federal, state, and international guidelines on the security of information have been approved. Numerous establishments are now enhancing their information security procedures in response to legal and regulatory requirements. In particular cases, these guidelines are very precise about the requirements for written security and privacy policies. In other instances, a law merely requires precautions that are suitable for the size and type of the organization (Gross, 1964).
In these cases, enforcement agencies and auditors must defer to accepted best practices for control, all of which entail written policies. Examples of these are the Accepted Information Security Principles (GAISP), Control for Information Technology (COBIT) and ISO/IEC 17799. At the heart of the regulation is the intent of guarding the privacy, integrity and availability of information that affects corporate stakeholders. These laws can be narrowed down to their essential goals: establishing and implementing controls; maintaining, protecting and assessing compliance concerns; pinpointing and remediating vulnerabilities and deviations (Posthumus, 2006); and providing reporting that can prove the organization's compliance. The following is a list of security- and privacy-related principles and their precise information security policy requirements.
Laws and regulations are affecting security law compliance.