Data-Centric Security - A CICA White Paper

In most organizations, data that was once static and stored in one place now moves freely from platform to platform throughout the organization and beyond. Because data is now often generated and modified by users and is resident in different forms and versions in different places simultaneously, maintaining a secure environment is a growing challenge. A White Paper issued by the Canadian Institute of Chartered Accountants (CICA) suggests that a data-centric policy should be the focus for management, auditors and others involved in securing data in this new mobile environment. The term “security” is taken in its broadest sense to include confidentiality, integrity (accuracy, completeness and validity) and availability. (Read the CICA publications on Data-Centric Security and

20 Questions Directors Should Ask About IT Security.)