[Cisspstudy] Downstream liabilities

[Terese Matchim]

As stated in my prior email, I took the statement from the Trancender study guide.  Each organization is under a legal contract with each other.  Legal departments are going to work out the details, to ensure that both or all companies are compliant with regulations.  Remember the exam is high level you need to know the concept of what downstream liability is.

Terese
________________________________
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org] On Behalf Of Jonus Gerrits
Sent: Monday, October 26, 2009 1:59 PM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Downstream liabilities

Are you sure about the quoted infomation.  Who is responsible for what?

Jous
On Mon, Oct 26, 2009 at 1:52 PM, Terese Matchim <TMatchim at calstrs.com<mailto:TMatchim at calstrs.com>> wrote:
This is a definition by Trancender study guide:


 "Downstream liabilities ensure that organizations working together under a contract are responsible for their information security management and the security controls deployed by each organization"
Terese Matchim
CalSTRS, Information Security
tmatchim at CalSTRS.com

-----Original Message-----
From: cisspstudy-bounces at cccure.org<mailto:cisspstudy-bounces at cccure.org> [mailto:cisspstudy-bounces at cccure.org<mailto:cisspstudy-bounces at cccure.org>] On Behalf Of Terese Matchim
Sent: Monday, October 26, 2009 1:22 PM
To: 'The CISSP Study Mailing list'
Subject: Re: [Cisspstudy] Downstream liabilities

Yes, this valid question regarding legal liabilities that other companies should agree to if they represent you or work with you.

Terese Matchim
CalSTRS, Information Security
tmatchim at CalSTRS.com
-----Original Message-----
From: cisspstudy-bounces at cccure.org<mailto:cisspstudy-bounces at cccure.org> [mailto:cisspstudy-bounces at cccure.org<mailto:cisspstudy-bounces at cccure.org>] On Behalf Of Jordan, Lemuel CTR
Sent: Monday, October 26, 2009 12:59 PM
To: The CISSP Study Mailing list
Subject: [Cisspstudy] Downstream liabilites

Sorry forgot turn of the digital signature again

Following is question from free practice tests. The reference for the is AIO
2001 page 659. I have the 2008 version and do not find this terminology any
where. I may not have looked hard enough yet. Is this even a valid question?
At least the answers as normal descriptions?
***************
When companies come together to work in an integrated manner such as
extranets, special care must be taken to ensure that each party promises to
provide the necessary level of protection, liability and responsibility.
These aspects should be defined in the contracts that each party signs. What
describes this type of liability?

 Cascade liabilities
>Downstream liabilities
 Down-flow liabilities
 Down-set liabilities

>correct answer

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org<mailto:cisspstudy at cccure.org>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org<mailto:cisspstudy at cccure.org>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org<mailto:cisspstudy at cccure.org>
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20091026/0c67535b/attachment.html>