Sharing Information

Sharing information between different divisions, groups or sections of your organisation is often necessary for the business or organisation to function. This raises Information Security issues.

To view the related Policy click      

  • Confidential data that is not protected from, or released to, unauthorised parties is a fundamental Information Security failure which can lead to prosecution where the organisation's management has failed to execute its duty of care.

  • A duty of care and diligence is required to protect information especially that which can be classified as 'personal'. See UK Data Protection Act.
  • Based upon the sensitivity of the information, you must define what information may be released to which people.
  • Unless the information is classified as 'Public', it should be restricted to those who have legitimate need. Such restrictions can be imposed through software and hardware Access Controls. See also Classifying Information and Data.
  • The inappropriate and possibly unlawful release of information may result in legal liability and prosecution.

  • Comply with the relevant legislation by ensuring that your staff are not only aware of their responsibilities, but that adequate procedural and possibly technical controls are in place to enforce it. See Being Aware of Legal Obligations.
  • Release of certain data, even if inadvertently, to other parts of your organisation may contravene legal and / or other regulations, and could lead to prosecution or other penalties.

  • Disclosure of sensitive information to other parts of the organisation, which may be separate legal entities, must not contravene legal regulation or possible statutory guidelines.
  • The recipient of the information, or the recipient's systems, may jeopardise the confidentiality of sensitive documents and data, thereby becoming a security threat which could be exploited.

  • For each classification standard of data (See Classifying Information and Data) the same level of safeguards must be in place. If there is doubt, do not transmit the data.
Previous PageTop of this pageNext Page


Information Security Policies from US$595

 From
 US$595

Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word

 

Next PageUpPrevious Page