CyLawCom Audit for Web Publishers
Background: CyLawCom Audit is an audit of the business process of an entity from the objective of identifying Cyber Law related risks of business. The audit is normally followed by a recommendation on actions to be taken to bring the Cyber Law Compliance level to an acceptable level. CyLawCom audit is typically undertaken in two phases. The “CyLawCom Risk Audit” phase is the phase in which the risks are identified and a “Risk Assessment Report” is made available to the management of the organization. The “CyLawCom Compliance Audit” is the phase in which the organization’s efforts of “Cyber Law Risk Compliance Measures” based on an earlier “Risk Audit” is evaluated and a “Compliance Certificate” is issued by the audit agency to a “CyLawCom Certifying Agency”. CyLawCom Audit process has been developed by Cyber Law College and is undertaken through professionals trained in “Techno Legal Cyber Security Aspects”, referred to as “CyLawCom Examiners”. Cyber Law College enrolls qualified professionals as “Provisional CyLawCom Examiners” to whom necessary training is administered to undertake such audits. Additionally, “Certified CyLawCom Examiners” are being developed through a competitive qualification examination. CyLawCom Audit for Web Publishers Web Publishers as distinguished from E-Commerce websites include all categories of persons and organizations who provide information on the web. This may include Portals as well as individual websites specializing in specific areas of information. Blogs and e-mail groups also purvey news and information. These web publishers are exposed to risks arising out of defamatory information, false and misleading information, obscene information, information that are objectionable from the point of view of the security of the nation, friendly relations with the neighboring countries, religious harmony etc. Some times risks arise out of postings of visitors to the site (eg: Blogs and e-groups) or from syndicated advertisements where the owners do not have full control on the contents. Unlike in the organized print publisher’s world where there are well established industry representative bodies such as the Indian News Paper Society, there are no industry bodies that can guide web publishers on the measures to be initiated to mitigate the cyber law related risks. The CyLawCom Risk Audit and Compliance Certification for Web Publishers is a service which enables web publishers to identify the best practices that may be considered as adequate “Due Diligence Practice” in maintaining the publishing activity. Following an adequate “Due Diligence Practice” with lack of knowledge of a crime being committed could provide protection to a web publisher from being held liable for Cyber Crimes that may occur through his network. Disclaimer: The CyLawCom Audit process takes adequate care of the expectations of Law and Law Enforcement Agencies in the Indian scenario on a dynamic basis. However, it must be recognized that CyLawCom Audit process is a voluntary Cyber Law Compliance of the Web Publisher and does not create an obligation on either the Law Enforcement or the Judiciary to accept it with or without reservations. Further, the audit and certification may be a reflection of the status as at a point of time and cannot guarantee a continued compliance between two points of reference times. Neither the Auditors nor the Certifiers are liable for any consequences in the event of the process falling short of Policing or Judicial expectations. For details contact naavi@vsnl.com by e-mail |