Print
Infosec Policies - Role of Attorneys
May 29, 2007 – 7:14 am by Lance Michalson
Attorneys play a crucial role in assisting an organisation in implementing information security policies and practices. Their responsibilities include, amongst other things
- acting as a liaison between the Board of Directors and management, who hold the fiduciary duty for the organisation’s intangible assets, and the security specialists who seek to protect those assets;
- providing guidance in the drafting and implementing of the organisation’s information security policies and ensuring compliance with those policies;
- understanding and developing compliance strategies for security obligations resulting from statutory and non-statutory sources of legal obligations;
- monitoring developments in law regarding negligence and other forms of liability in order to advise the organisation what the current duty of care encompasses
- drafting agreements to delineate responsibilities for ensuring security, managing the risks relating to information security and providing advice on ways to minimise contractual and other potential liability that may result from security breaches.
Similar:
- Information Security Policies support Compliance
- Measures to be taken by companies to guarantee security of Internet transactions
- What is information security?
- Types of Policies on Offer
- Appointment of Information Officer template
You must be logged in to post a comment.