As regulations and privacy laws require ‘reasonable security’, we are seeing more organizations focusing on their duty of care to all interested parties. There are more references to ‘reasonableness’ in breach litigation, and inquiries in how company security programs are implementing reasonable controls.
Professionals seek answers for their specific working environment. Each organization also follows various standards, which can be a challenge. One approach that integrates this process is the Duty of Care Risk Analysis (DoCRA). It provides guidance on how to establish reasonable security.
Read full article at Techbullion.