week11 - Week 11 ITC482 Computer Management & Security...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
ITC482 Computer Management & Security Week 11 Management of Information Security - Chapter 11 Slide 2 Learning Objectives: Upon completion of this chapter, you should be able to: Differentiate between law and ethics Identify major national and international laws that relate to the practice of information security Understand the role of culture as it applies to ethics in information security Access current information on laws, regulations, and relevant professional organizations
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Management of Information Security - Chapter 11 Slide 3 Introduction As a future information security professional, it is vital that you understand the scope of an organization’s legal and ethical responsibilities To minimize the organization’s liabilities, the information security practitioner must understand the current legal environment and keep apprised of new laws, regulations, and ethical issues as they emerge By educating employees and management about their legal and ethical obligations and the proper use of information technology and information security, security professionals can keep an organization focused on its primary objectives Management of Information Security - Chapter 11 Slide 4 Law and Ethics in Information Security Laws are rules adopted and enforced by governments to codify expected behavior in modern society The key difference between law and ethics is that law carries the sanction of a governing authority and ethics do not Ethics are based on cultural mores: relatively fixed moral attitudes or customs of a societal group
Background image of page 2
Management of Information Security - Chapter 11 Slide 5 The Legal Environment The information security professional and managers involved in information security must possess a rudimentary grasp of the legal framework within which their organizations operate This legal environment can influence the organization to a greater or lesser extent, depending on the nature of the organization and the scale on which it operates Management of Information Security - Chapter 11 Slide 6 Types of Law Civil law pertains to relationships between and among individuals and organizations Criminal law addresses violations harmful to society and is actively enforced and prosecuted by the state Tort law is a subset of civil law that allows individuals to seek recourse against others in the event of personal, physical, or financial injury
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Management of Information Security - Chapter 11 Slide 7 Types of Law (continued) Private law regulates the relationships among individuals and among individuals and organizations, and encompasses family law, commercial law, and labor law Public law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments, and includes criminal, administrative, and constitutional law Management of Information Security - Chapter 11 Slide 8 Table 11-1 Relevant U.S. Laws
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 26

week11 - Week 11 ITC482 Computer Management & Security...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online