Due Care & Due Diligence

Hello,

Please share some examples of Due Care & Due Diligence activities

Thanks

Find more posts tagged with

Comments

Old but good thread that touches on this: http://www.techexams.net/forums/security-certifications/11395-describe-main-differences-due-dilligence-due-care.html

gespenstern

Due care: set up proper permissions for a new user, apply security patches in time, put a lock on a door to restricted area.
Due diligence: be aware of new vulnerabilities, know regulations that apply to you, pay attention to alerts in your SIEM.

Terminator X

Simply, Due diligence is the "knowing" and due care is the "doing"!

ecuison

+1

I was taught,

Due Diligence - Is the information gathered (Vulnerability Scans and assessment as an example)
Due Care - Is the action you take on the information (Vulnerability Remediation of findings)

ScottFiesta

I just came across this, possibly the least useful thing I've ever seen, definition of Due Diligence in a CISSP question bank:
"Due diligence can be considered an ethereal concept that is often judged against a continually moving benchmark."

ankurj.hazarika

ScottFiesta wrote: »

I just came across this, possibly the least useful thing I've ever seen, definition of Due Diligence in a CISSP question bank:
"Due diligence can be considered an ethereal concept that is often judged against a continually moving benchmark."

This is emanated from the fact that, "If you can't convince, confuse."

Brain-D

ankurj.hazarika wrote: »

This is emanated from the fact that, "If you can't convince, confuse."

+1

Brain-D