Legal and Regulatory Issues
Though general understanding of the major legal systems and their types of law is really essential, it is critical that information security professionals understand the concepts described in the next section.
Of course with the ubiquity of information systems, data and applications comes a host of legal issues that require attention.
Compliance with Laws and Regulations
Complying with laws and regulations is a priority for top information security management, both in the real world and on the exam.
An organization must be in compliance with all laws and regulation that ought to apply with it. The ignorance of the law is never a valid excuse for breaking the law.
Major Legal Systems
In order to start to appreciate the common legal concepts at work in today’s global economy, an understanding of the major legal systems is required.
These legal systems provide the framework that determines how a country develops laws pertaining to information systems in the first place. The three most major systems of the law are civil, common, and religious law.
Civil Law (legal system)
The most common of the major legal system is that of civil law, which is basically employed by the many countries throughout the world.
The system of civil law leverages codified laws or statutes to determine what is considered to be within the bounds of law.
Though a legislative branch typically wields the power to create laws, there will still exist a judicial branch that is tasked with interpretation of the existing laws.
The most significant difference between civil and common law is that under civil law judicial precedents and particular case rulings do not carry the weight they would have under common law.
Common law is the legal system used in the United States, Canada, the United Kingdom, and the most former British colonies, amongst others.
As we can see by the short list above, English influence has historically been the main indicator of common law being used in a country.
The primary distinguishing feature of common law is the significant emphases on particular cases and judicial precedent as determinants of laws.
Though there is a typically also a legislative body tasked with the creation of new statutes and laws, judicial rulings can at times supersede those laws.
Because of the emphasis on judges’ interpretations, there is significant possibility that as society changes over time, so can judicial interpretations.
Religious and Customary law
Religious law serves as the third of the major legal systems. Religious doctrine or interpretation serves as the primary source of legal understanding and statutes.
While Christianity, Judaism, and Hinduism have all had significant influence on a national legal systems, Islam serves as the most common source for religious legal systems.
Sharia is an example of Islamic Law that uses the Qur’an and Hadith as its foundation.
Customary law refers to those customs or practices that are so commonly accepted by a group that the custom is treated as a law.
These practices can be later codified as laws in the more traditional sense, but the emphasis on the prevailing acceptance of a group is quite important.