Question

In: Computer Science

In 200 words or more, Describe the role of due care and due diligence in terms...

In 200 words or more, Describe the role of due care and due diligence in terms of their role in reducing liability exposure.

Solutions

Expert Solution

Effectively, the notion of due care as far as information security goes is something of a double-edged sword. You either wait for regulators and government officials to come out with standards that you need to follow in order to ensure that your organization is truly secure, or you take a more proactive approach. There have been countless organizations and agencies that have waited until the government has stepped in – or until their security has been compromised – before they have taken appropriate measures to ensure their security has been improved.

However, if one was to follow a standard of due care in order to ensure that their information security is not compromised, a certain level of proactivity is necessary. The creation of a culture of security is a priority, across all levels of any organization, in order to protect the organization’s brand – their mark on the world. If the brand becomes associated with a notion that security is not a priority, then organizations have to work especially hard to regain that image in their clients’ eyes.

Due care also means that there is such a thing as bad public relations. Companies don’t want to be known for their information security breaches. That’s a certain way to have their reputations be colored negatively and to lose credibility, in addition to losing that all-important client base.

What we are effectively looking at as far as due care is concerned is ongoing maintenance to ensure things are in proper order. If the due care is implemented as a result of a contract requirement, a regulation, or law, you absolutely must abide by that standard established within. The direct opposite of due care is negligence.

Due diligence is simply a matter of understanding the ins and outs of your information security policies and procedures. However, in order to truly demonstrate due diligence when it comes to information security, businesses must focus a narrow lens on their own information security in addition to being mindful of global laws and regulations which may have an impact on their operations.

There is also the notion that businesses everywhere are trying to cut costs, which may lead to a cutback in focus on due diligence on information security. There are very few businesses that are trying to reduce overall costs lately, and as a result, there’s an increase in outsourcing which, in turn, may lead to increased risk overall. It’s critical for supervisors and board members to provide ongoing supervision to ensure the safety of information assets throughout any outsourcing efforts.

A framework for due diligence should also be made part of the quality assurance process. In doing so, businesses can then cut their potential for risk throughout their information security systems. In addition, businesses could then potentially realize savings and, because they are taking greater care with their information security processes, potentially realize further profits being made.

Put simply, the opposite of due diligence would be “not doing your homework” or simply approaching your work in a haphazard manner. Examples of this as far as CISSP goes would be not examining the terms of the framework and scope of pen testing prior to engaging in the test or going ahead to do the test without ensuring you have the proper authorization to get the job done. Not following the practices of due diligence could lead to your dismissal from a contract or worse, legal trouble because you were caught doing something you shouldn’t be doing.


Related Solutions

Should directors and other officers of a company exercise their duties with ‘due care and diligence’?...
Should directors and other officers of a company exercise their duties with ‘due care and diligence’? Does the ‘business judgment rule’ protect them if their decisions are not in favour of the company?
In 200 words or more, What are the main differences in the role of financial accounting...
In 200 words or more, What are the main differences in the role of financial accounting and managerial accounting? Original work please
Explain the term ‘due diligence’. Discuss at least three components that affect the due diligence process.
Explain the term ‘due diligence’. Discuss at least three components that affect the due diligence process.
in not more than 500 words explain the role of the local government in health care...
in not more than 500 words explain the role of the local government in health care delivery
In 200 words or more, describe the similarities and differences between neurotransmitters and hormones.
In 200 words or more, describe the similarities and differences between neurotransmitters and hormones.
In a minimum of 200 words or more, describe the issues regarding the validity of LIBOR...
In a minimum of 200 words or more, describe the issues regarding the validity of LIBOR rate before and during the financial crisis.(please i need 200 words, thank you)
In 500 words Define each of these topics and give examples 1. Due diligence 2. regulations...
In 500 words Define each of these topics and give examples 1. Due diligence 2. regulations 3. compliance 4. risk based processes **** please try answer it as document
What does Circular 230 mean by "due diligence"? Does due diligence mean auditing all of a clients records?
What does Circular 230 mean by "due diligence"?  Does due diligence mean auditing all of a clients records? Does the level of review depend on the circumstances?
In no more than 350 words, describe the role of a Physician Assistant (PA).
In no more than 350 words, describe the role of a Physician Assistant (PA).
in 100 words or more for each response 1. Describe the role of sodium in the...
in 100 words or more for each response 1. Describe the role of sodium in the production and secretion of thyroid hormones. Be detailed in your response and be sure to fully describe any pathways involved. 2. Opioids and mental illness are known causes of gNrh inhibition. Time magazine recently published a spotlight review on the rise of anxiety, depression, and the opioid crisis in America. According to this new data, what pathophysiological impacts would this have on young people...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT