IT Governance, Risk, and Compliance

May 9 2013   9:41PM GMT

Revisiting the Safeguarding of Information Assets – Part XIV

Robert Davis

Information systems-related due care dictates appropriate data security due diligence activities. Interpretively, an entity’s information systems should represent resources committed to collecting data, processing transactions, and communicating operational results within defined legal limits. An entity’s management, through deployed governance, “must ensure due diligence is exercised by all individuals involved in the management, use, design, development, maintenance or operation of information systems.” Therefore, managerial due care and due diligence enable compliance with IAP legal requirements. Managerial due care redresses activity responsibility, whereby due diligence includes continuously promoting compliance. For instance, IAP legal compliance procedures should be set by top management and continually promoted by example.


Davis, Robert E. IT Auditing: IT Governance. Mission Viejo, CA: Pleier Corporation, 2006. CD-ROM.

ISACF. Framework. In COBIT: Governance, Control and Audit and Related Technology. 3rd ed. Rolling Meadows, IL: ISACF, 2000.
