Similar to reviewing security policies, a CASP+ might need to review business documents such as disclosure agreements or service agreements. You might be asked to review such a document by the company lawyer or a senior executive who is familiar with the conditions of the document but does not necessarily have the technical expertise to assess its feasibility.

1. Does your company have or make use of an NDA? If no, an NDA should be created.
2. Is the existing or proposed NDA a one-way or a two-way NDA? A one-way NDA protects only the information of the company. Two-way NDAs are designed to protect the confidential information of both the client and the company.
3. Does the NDA clearly define confidential information?
4. Are controls put in place to protect confidential information?
5. What are the obligations of the receiving party? What level of protection must they apply to the information they have received?
6. What time period applies to the NDA? Most NDAs don’t last forever and have a time period applied—such as 1 year, 6 years, or 10 years.
7. Based on the previous questions, are you happy with your findings?

Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: WHITMAN, Michael.
Chapter 6: Risk Management: Assessing Risk
Section: Chapter Questions
Problem 1E