United Kingdom, Minstry of Justice Data Protection Web Site resource Agency Guidances OCEG Reviewed
Guidance for professionals and practitioners on application of the Data Protection Act 1998.
High Performers and Foundational Controls: Building a Strategy for Security and Risk Management (January 2011) resource White Papers OCEG Reviewed
Overview: In this paper, EMA examines the broad domains of controls enterprises must consider in order to build a solid foundation for IT security management: Countering threats, Resolving vulnerabilities (in more than just software), Managing application risks, Protecting sensitive information, Managing and enforcing identity, access and entitlements, Managing events and
Cyberspace: United States Faces Challenges in Addressing Global Cybersecurity and Governance (GAO, 2010) resource Research / Studies OCEG Reviewed
Recent foreign-based intrusions on the computer systems of U.S. federal agencies and commercial companies highlight the vulnerabilities of the interconnected networks that comprise the Internet, as well as the need to adequately address the global security and governance of cyberspace. Federal law and policy give a number of federal entities responsibilities for representing U.S.
A New Era of Compliance: Raising the Bar for Organizations Worldwide (RSA, October 2010) resource Research / Studies OCEG Reviewed
October 11, 2010 - RSA released a new report produced in concert with its Security for Business Council (SBIC).
International Data Protection and Privacy Law (2009) resource Articles OCEG Reviewed
Author: Dowling, Jr., Donald C.; White & Case LLP
Managing Data in Latin America (2007) resource White Papers OCEG Reviewed
Introduction: "With so much data privacy activity focused on the United States, the European Union, and Asia, it’s easy to overlook our neighbors to the south – Latin America. Ironically, the region has some of the most unique and diverse privacy laws in the world, along with a growing need for more."
EU, Working Document: Transfers of personal data to third countries: Applying Article 26 (2) of the EU Data Protection Directive to Binding Corporate Rules for International Data Transfers (2003) resource National Laws OCEG Reviewed
As adopted on June 2, 2003.
EU 1995 Data Protection Directive resource National Laws OCEG Reviewed
As posted on the European Commission's Data Protection legislative documents website.
Formal Title: Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data