- Policy and Process Life Cycle Management
- Support Legal Compliance and Advocacy
- Common Business Documents to Support Security
- Security Requirements for Contracts
- General Privacy Principles for Sensitive Information
- Support the Development of Policies Containing Standard Security Practices
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Review Questions
This chapter is from the book
This chapter is from the book
This chapter is from the book
Support Legal Compliance and Advocacy
An organization should involve its human resources department, legal department or legal counsel, senior management, and other internal and external entities in its legal compliance and advocacy program. Legal compliance ensures that an organization follows relevant laws, regulations, and business rules. Legal advocacy is the process carried out by or for an organization that aims to influence public policy and resource allocation decisions in political, economic, and social systems and institutions.
Human resources involvement ensures that the organization is addressing all employment laws and regulations to protect its employees. Human resources professionals can help guide an organization’s security policies to ensure that individual rights are upheld while at the same time protecting organizational assets and liability. For example, an organization should ensure that a screen is displayed at login that informs users of the employer’s rights to monitor, seize, and search organizational devices to reduce the likelihood of related legal issues. Then, if a technician must take an employee’s workstation into custody in response to an investigation, the organization is protected. Both the HR and legal departments should be involved in creating the statement that will be displayed to ensure that it includes all appropriate information.
