Print
Information Security Legal Audit
05/08/2010 – 9:00 am by Lance MichalsonOrganisations have a keen appreciation that information has value, which people are prepared to pay for (hence the increase in identity theft, industrial espionage, etc.). All companies have a legal obligation to address information security issues and the challenge is to identify precisely what they are obliged to do and what the scope of their legal obligations are to implement information security measures. This is going to become particularly important once the Protection of Personal Information Bill (POPI) becomes law.
Information security issues are amongst others addressed through the use of proper technology and policies. We focus on the policy component: polices are essential in minimising exposure to vicarious liability, assisting protect trade secrets, confidential and proprietary information, document and support compliance with laws, provide evidence needed for legal proceedings and probably most importantly, help avoid allegations of negligence.
We perform a GAP analysis where we:
- Assess the extent to which an organisation’s information security practices are “compliant” with applicable ICT law and
- Assess the information security legal risks .
Where necessary, we recommend solutions which would ensure compliance with South African regulatory requirements and implement best practice where sound business practice, rather than a legal requirement, dictate that risk be managed.
For further information please contact infosecaudit@michalsons.com
If you want to find out more about infosec go to Online Legal.
Click here to test your awareness of Technology Laws.
Similar Posts:
- Document Imaging Audit
- Draft and Review Information Security Policies
- Web site Audit
- eCommunications Monitoring Audit
- Reasons for conducting an IT Governance Legal Audit
Sorry, comments for this entry are closed at this time.