IT Governance, Risk, and Compliance

May 5 2013   7:14PM GMT

Revisiting the Safeguarding of Information Assets – Part XIII



Posted by: Robert Davis
Tags:
Information Assets Protection
Information Security
Information Security Governance
Information Security Management
IT Controls
Security Frameworks

Prescriptively; utilizing security, privacy and intellectual property clauses in contractual agreements may aid in clarifying expectations as well as reduce adverse outcomes in post-facto legal disputes. Parties to information asset related contracts should consider documenting terms for:
• signing non-disclosure agreements;
• granting the right-to-audit contractor controls;
• limiting the right-to-access specific information;
• processing the return or destruction of all records at contract termination;
• ensuring implementation of audit trails to closely monitor how information is handled;
• utilizing encryption technology that allows only authorized individuals to view decrypted data;
• addressing approval by applicable government oversight agencies of any subcontracting arraignments; and
• identifying and separating personal and/or confidential information being handled under a contract from other data held by the contractor.

Source:

Hillier,  Peter J. “Transborder Data Flow – Intruding on Privacy?” knowledgeleader.com.  (August 2006). http://www.knowledgeleader.com/KnowledgeLeader/Content.nsf/Web+Content/TFTransborderDataFlowIntrudingonPrivacy!OpenDocument&NWeekly
(accessed April 21, 2008).

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: