May 12, 2013 4:48 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksInformation systems may be of a public or private nature, and contain elements protected by various data security, data privacy, or intellectual property laws. Property classification into public and private categories is based on ownership. If the property is owned by the government or a political...
May 9, 2013 9:41 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksInformation systems related due care dictates appropriate data security due diligence activities. Interpretively, an entity’s information systems should represent resources committed to collecting data, processing transactions, and communicating operational results within defined legal limits. An...
May 5, 2013 7:14 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksPrescriptively; utilizing security, privacy and intellectual property clauses in contractual agreements may aid in clarifying expectations as well as reduce adverse outcomes in post-facto legal disputes. Parties to information asset related contracts should consider documenting terms for:
•...
May 2, 2013 10:18 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksComplicating laws and regulations alignment are trans-border communication requirements regarding information protection and confidentiality. The potentially costly task of obtaining data delivery consent from all affected parties may be the only enabling trans-border information flow baseline....
April 28, 2013 12:08 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksAs long as multiple regulatory agencies have government supported agendas, variances can exist that induce comprehensive legal compliance reviews. Primary to multiple decrees control is a thorough analysis of what is required and ensuring quality documentation supporting legal compliance efforts....
April 25, 2013 8:08 PM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksEven when compliance requirements extend internationally, managerial responsibility to prevent and detect illegal acts continues without regard to organizational formation origin. Given this fiduciary obligation, an entity’s management typically utilizes policies, directives, procedures,...
April 21, 2013 2:16 AM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksWhen links between national and international arenas are considered, international developments have decisively impacted national laws. Specifically; regional coalitions have enacted IAP related edicts that subsequently were codified in national laws and regulations. Procedurally, most regional...
April 19, 2013 2:35 AM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksThere are numerous global, regional as well as national laws and regulations focusing on IAP that require professional consideration. In particular, at the global level, the World Intellectual Property Organisation (WIPO) and World Trade Organization (WTO) have constructed legally binding...
April 14, 2013 2:49 AM
Posted by: Robert Davis
Information Assets Protection,
Information Security,
Information Security Governance,
Information Security Management,
IT Controls,
Security FrameworksGenerally, determining an entity’s legal mandates exceeds the security function’s ambit. Nonetheless, overseeing applicable legally required control composition, implementation and evaluation are occupational security imperatives. To reduce potential negative effects of cross-compliance as...
