Information transfer rules, procedures, or agreements should be in place for all types of transfer facilities within the organisation and between the organisation and other parties.
To help the organisation maintain a well-defined structure of transferring digital and paper-based information internally and externally.
The updated information transfer focuses on a more detailed approach rather than a generic recommendation. Information Transfer control suggests that the organisation should have controls in place to ensure that incidents such as interception, unauthorised access, misrouting, modification, and destruction are avoided. It further includes the concept of non-repudiation, which simply means that a person(s) doing something wrong should not be able to walk away by neglecting their actions; therefore, it is recommended that organisations should have proper rules, procedures and agreements in place while transferring any type of information both in physical and digital form. This control considers three types of information transfer, namely, Physical, Electronic and Verbal. It further provides details regarding how each of these methods should be handled, and the required steps to take.
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.