Sec Policies (International)

Below are two discussion posts that need answerd with at least 200 Words for each post. Please provide at least two references for each post. 

 

 

 

Determining International Information Security Risks

Organizations doing business outside the United States have a duty to follow information security and privacy policies enacted by the host countries in which these organizations are doing business. An example of common laws specific to individual nations are laws pertaining to privacy and to the use of encryption.

You are charged with recommending strategies for risk mitigation for a U.S. publisher who has chosen to do business in Great Britain, France, Germany, Japan, and Pakistan.

Use the study materials and engage in any additional research needed to fill in knowledge gaps. Then discuss the following:

  • Describe the steps necessary to determine what specific information security and privacy rules might impact the organization doing business in these countries.
  • Identify the process that will identify how well the organization is in compliance with privacy and information security laws specific to the countries in which this organization plans to do business.
  • Explain strategies for how this organization can remain in compliance with any changes or any new laws that might be enacted in the future by the countries in which this organization plans to do business.

 

Information Security Planning for Global Business

 

The use of encryption has always been a controversial practice that governments all over the world, including the United States, have tried to control through laws and regulations. The reality is that an increasing number of information security controls rely on encryption in some form or fashion as an important component of how the control works to enforce information security and privacy.

You are hired by a very ambitious manufacturer or a new food supplement that is marketed as a revolutionary weight-loss product. The owner of this company is well known to be very paranoid about intellectual property theft and so relies heavily on encryption to control access to all the research and sales data generated as part of this business. This owner is determined to find a sales representative in every country in the world to sell his product in their particular region. Your task is to determine all the global laws and regulations that would impact his ability to continue to use strong encryption throughout all aspects of his organization, including those affecting these prospective sales representatives.

Use the study materials and engage in any additional research needed to fill in knowledge gaps. Then discuss the following:

  • Describe the steps necessary to determine what global encryption laws and regulations exist that would impact the organization doing business overseas.
  • Identify the process that the organization will follow to determine how to implement controls to enforce these laws and regulations and to avoid an international incident.
  • Explain strategies for how this organization can remain in compliance with any changes or any new encryption-related global laws that might be enacted in the future by the countries in which this organization plans to do business.

 

Leave a Comment

Your email address will not be published. Required fields are marked *