Definition of Corporate Compliance
What is Corporate Compliance?
Corporate Compliance are systems or departments at corporations and public agencies to ensure that personnel are aware of and take steps to comply with relevant laws and regulations.
|
|
Corporate Compliance
|
|
Laws of Canada as they Pertain to Computer Crime
This paper examines the existing laws in the Criminal Code of Canada as they pertain to computer crime. For the purpose of this paper, the definition of computer crime will be that of the Investigation Bureau of the Ontario Provincial Police: any criminal activity involving the copy of, use of, removal of, interference with, access to, manipulation of computer systems, and/or their related functions, data or programs (Stinnissen, p.3). The objective is to assess the laws as they stand and examine whether Canada is falling behind the times or a leader in the international fight against computer crime. The paper begins with an overview of the applicable sections of the Criminal Code of Canada, followed by cases of computer criminals that have been arrested in Canada. Opinions on both sides of the debate are presented. The paper concludes that there are other remedies that could be implemented that would help win the war on computer crime to a much greater degree.
Read the Article
|
Canadian Civil Liberties vs. Public Security: Post Crisis, Have the Terrorists Won?
One of the goals of security is to protect something that is valuable to an individual, a business, or an entity without taking away key attributes for survival. Just like a business creates policy to protect its business functions, a government creates laws to make sure its citizens can continue their way of life. The Personal Information Protection and Electronic Documents Act represents a good example of an act that upholds citizens' right to privacy. This is legislation created to protect the citizens. The legislation was undertaken in a responsible manner that balanced the needs of the citizens against the needs of business. During the October Crisis, the Canadian government suspended civil liberties in order to face down a threat. The end result of that predicament was a country that continued with what the society deemed important.
Read the Article
|
DITSCAP - DoD's Answer to Secure Systems
The majority of you will ask yourself a few simple questions "why?... Why should I care? Why should I be concerned or interested in reading about a government bureaucratic process?" Another group may ask, "how can I get my share of the pie." The security professional's question might be "how can I leverage the government's work for my own benefit?" A final group may shrug it off and say it will never impact me. A simple answer would be it's your money, to the tune of several billion dollars per year! The intent of this paper is to provide insight into a process that is rapidly being adapted, in part or as a whole, by an increasing number of local governments, the medical industry, and corporate America. After all "a risk assumed by one is imposed on all" is never more true than in today's increasingly interrelated world.
Read the Article
|
Malaysian Law and Computer Crime
This paper attempts to describe the Malaysian Computer Crimes Act 1997 (CCA 1997) and provide important guidelines for a successful computer crime investigation. The enactment of the CCA 1997 is a step in the right direction for a developing country such as Malaysia as she attempts to push herself towards a Knowledge-based economy. However, having laws alone will not be sufficient to carry out trials against cyber criminals. We will be looking into other important elements in a computer crime case, which includes good criminal investigation and the need to maintain close cooperation between different organizations and countries. In addition, this paper will also briefly look at notable computer crime cases, especially those in the United States. By understanding the nature of these cases, we would be able to greatly appreciate some of the more "common" threats that are often neglected or taken for granted.
Read the Article
|
South Africa - Computer Misuse Act, Proposed.
In 1997 a Commission was started to investigate computer-related crime in South Africa (SA). The Commission released a very exciting proposal, called Discussion Paper 99, which if adopted will change the way the SA law system deals with computer misuse. This paper looks at this proposed act as well as its application in today's computer environment. *imprisonment for a period not exceeding 5 years. *imprisonment for a period not exceeding 10 years. These are the promising proposed penalties of Discussion Paper 99 for different computer offences of a country that seems to be taking a stand on computer crimes in their different forms. With this type of proposed legislation and penalties one feels a lot more confident about technology performing critical functions in the different spheres of human life such as commerce, banking, health and government services.
Read the Article
|
A Survey of Recent Threats to Privacy Rights
Ways in which governments have attempted to use specific technologies to deprive people of their right to privacy. Technology, though, can of course also be used to protect, enhance and extend our individual liberties. It is our responsibility as citizens to act and vote in ways that ensure this comes to pass. In Canada, the Constitution Act of 1982 incorporated the Charter of Rights and Freedoms, which expresses the fundamental right of all people to "freedom of thought, belief, opinion and expression, including freedom of the press and other media of communication"4. Extending these points, the Privacy Act (revised in 1985)5 and the Personal Information Protection and Electronic Documents Act of 2000 6 clarify public and private sector responsibilities regarding privacy, which the Canadian Supreme Court has called the "most important value - grounded on physical and moral autonomy - at the heart of liberty in a democratic state".
Read the Article
|
Encryption Regulation: A First Amendment Perspective
The methods by which we communicate with each other are changing rapidly. Advances in technology have allowed us to move away from traditional paper-based media to the digital communications of the Internet, which has in turn created new challenges to the security and privacy of the data flowing over it. Envelopes and locked filing cabinets are being replaced by cryptographic security techniques such as encryption in an attempt to keep private information private. Through the use of cryptography, communications and information transmitted and stored by computers can be protected from unauthorized access. Previously, businesses carried out electronic transactions over closed networks, pre-existing contractual relationships were often in existence, and there was little doubt as to the authenticity of the sender or receiver of information.
Read the Article
|
Convention on Cybercrime: Overview
Convention on Cybercrime: an overview. By Edgar Danielyan. Published in the login magazine (USENIX Association).
Read the Article
|
Crossing the Line: Ethics for the Security Professional
We often hear of the "hacker" who breaks into a system and steals credit card numbers, releases a destructive worm or maybe defaces a website. What do you think about his actions? Are they ethical? Unethical? I think most of us would agree that this constitutes unethical behavior. What about us though? How are our actions viewed when we, in defense of our clients networks or our own networks, engage in activities similar to the above mentioned hacker. I will briefly talk about several systems of ethics and then we will apply them to situations that we as IT security personnel face. Hopefully this will give you a framework for making ethical decisions within the framework of this job. We will find through this analysis that we have to hold ourselves to an even higher standard than that to which we hold the average computer users or even hackers.
Read the Article
|
Implementing a Local Security Program to Protect National Infrastructure System Companies and Facilities
The purpose of my paper is to first review the macro-level issues involved in the need for a national level infrastructure protection program. In fact many of these major issues have already been very well examined in other SANS papers.3,4,5,6 However, I want to transition from these macro-level issues and then focus on those pertinent threats and developments that drive the need for specific security programs at the local infrastructure company level. These key infrastructure elements include the gas, oil, water, electricity, and transportation companies which are the life blood of our country and commerce.
Read the Article
|
|
|
Page: 1 2 3 4 5
Members currently browsing this category:
|
|
