Subject: | |
From: | |
Reply To: | |
Date: | Thu, 16 Jun 2011 08:20:23 +0400 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
>So, if an IT manager asked you "What does records management have to do
>with information security?" how would you answer him/her?
In my lectures on the topic, I emphasize that IS usually ignores paper
records and knowledge in the heads of the employees. RM ensures the security
of the former and to a degree (sometimes together with HR etc.) of the
latter.
The information sometimes is well-protected in the e-form (with access
rights granularity at level of separate records) but easy to obtain in the
paper archive – because access controls are not aligned.
As ISO 27002:2005 "Code of practice for information security management"
says (sec.0.1) "Information can exist in many forms. It can be printed or
written on paper, stored electronically, transmitted by post or by using
electronic means, shown on films, or spoken in conversation. Whatever form
the information takes, or means by which it is shared or stored, it should
always be appropriately protected."
Regards,
Natasha
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]
|
|
|