1. (Whitman & Mattord, 2011, p. 114) What is the difference between law and ethics?
The difference between law and ethics is that law is a set of rules and regulations that are universal and should be accepted and followed by society and organizations. Ethics refers to the beliefs and customs that help shape the character of individuals and how people interact with one another.
2. ...
Is the data confidential, or will it be accessed by anyone? Will it be protected from others? Can you reasonably expect that your personal/confidential information will be protected?
3. (Whitman & Mattord, 2011, p. 114) How does the Sarbanes-Oxley Act of 2002 affect information security managers?
4. (Whitman & Mattord, 2011, p. 114) How is due diligence different from due care? Why are both important?
When organizations adopt levels of security for a legal defense, they may need to show that they have done what any prudent organization would do in similar circumstances. This is referred to as a standard of due care.
Due diligence is the demonstration that the organization is diligent in ensuring that the implemented standards continue to provide the required level of protection.
5. (Whitman & Mattord, 2011, p. 114) What is a policy? How is it different from a law?
6. (Whitman & Mattord, 2011, p. 114) What is the best method for preventing an illegal or