chapter03 - CISE 200: Info to Security Fundamentals Fall -...

CISE 200: Info to Security Fundamentals Fall - 2011

Class Schedule
- Administration
- Lecture
- Homework Assignment
- Exam 01
Principles of Information Security, 2nd Edition

Learning Objectives
Upon completion of this material, you should be able to:
- Differentiate between laws and ethics
- Identify major national laws that relate to the practice of information security
- Understand the role of culture as it applies to ethics in information security

Introduction
- You must understand scope of an organization’s legal and ethical responsibilities
- To minimize liabilities/reduce risks, the information security practitioner must:
  - Understand current legal environment
  - Stay current with laws and regulations
  - Watch for new issues that emerge

Law and Ethics in Information Security
- Laws: rules that mandate or prohibit certain societal behavior
- Ethics: define socially acceptable behavior
- Cultural Mores: fixed moral attitudes or customs of a particular group; ethics based on these
- Jurisdiction: court's right to hear a case if the wrong was committed in its territory or involved its citizens
Note: Laws carry sanctions of a governing authority; ethics do not

Organizational Liability and the Need for Counsel
- Liability: legal obligation of an entity extending beyond criminal or contract law; includes legal obligation to make restitution
- Restitution: to compensate for wrongs committed by an organization or its employees
- Due Care: ensuring that employees know what constitutes acceptable behaviour and know the consequences of illegal or unethical actions
- Due Diligence: making a valid effort to protect others; continually maintaining level of effort
Principles of Information Security, 3rd Edition

Types of Law
- The basic divisions in the U.S. legal system are the criminal, civil, and administrative.
- Criminal laws are statutes enacted to maintain order in society.
- Compensating individuals who have been injured physically or economically is a civil law problem.
- Administrative law is concerned with the promulgation and enforcement of regulations by administrative agencies.

Types of Law
Civil:
- A civil wrong may be defined in statute, or it may be established by previous court decisions.
- Civil lawsuits involve personal injuries, business disputes, land deals, libel and slander, and various other commercial interests.
- Civil law actions must be brought by an attorney hired by the injured party (the plaintiff) against the alleged wrongdoer (the defendant).
- The parties in a civil case may be individuals, corporations, or the state itself.
- The civil law is concerned with the peaceable resolution of