Posted by: Robert Davis
Information Assets Protection, Information Security, Information Security Governance, Information Security Management, IT Controls, Security Frameworks
When links between national and international arenas are considered, international developments have decisively impacted national laws. Specifically; regional coalitions have enacted IAP related edicts that subsequently were codified in national laws and regulations. Procedurally, most regional coalition IAP decrees are presented as directives to member nations for federal ratification. For this reason, with the assistance of legal counsel, it is strongly recommended that information security managers evaluate all relevant statutory and regulatory mandates; in whatever judicial divisions the entity operates. Beneficially, multiple legal compliance requirements assessments enable entity-centric standard practices for satisfying other expected behavior. Exercises in legal due care can also equip an entity to build a compliance culture where standardization is the norm, and conditionally produce an environment conducive to training employees in IAP.
Apgar, Chris. “Complying with multiple regulations and contending with conflicts.” Search400.com, September 6, 2005. http://search400.techtarget.com/tip/0,289483,sid3_gci1122854,00.html (accessed April 21, 2008).
Gelbstein, Ed and Jovan Kurbalija. Internet Governance: Issues, Actors and Divides. Geneva: DiploFoundation and Global Knowledge Partnership, 2005. http://textus.diplomacy.edu/textusbin/env/scripts/Pool/GetBin.asp?IDPool=641 (accessed April 21, 2008).