Legal and Policy Factors
Determining applicable policies
Consideration for different types of organisations
Considerations beyond requirements
Considerations for the future
Understanding risks for non-compliance
Addressing multiple standards