IT security frameworks and standards: Choosing the right one

The challenges of running an information security program can be overwhelming. There are so many areas to address... -- from encryption, to application security, to disaster recovery. Then there is the complication of compliance with regulatory requirements such as HIPAA, PCI DSS and Sarbanes-Oxley, just to name a few.