Corroborative intersection of the information security standards and the legal framework on data management


Bibliographic Details
Main Author: Zulhuda, Sonny
Format: Conference or Workshop Item
Language: English
Published: 2009
Subjects:
Online Access: http://irep.iium.edu.my/11949/
http://irep.iium.edu.my/11949/1/05380631.pdf
Description
Summary: This paper examines the intersection between the industrial standards and the legal framework in defining the scope of information security obligations in relation to the management of data and information assets. It undertakes two primary tasks, namely assessing the scope of legal compliance as stated in the internationally-accepted information security standards, in particular the Information Security Management Standards (ISMS); and identifying the legal trends adopted by laws in major jurisdictions, especially the UK and the US. It found that the intersection between the standards and the law is crucial and corroborative; one is found to complement the other.