Due Care and Due Diligence

Due Care and Due Diligence：

Due care and due diligence are terms used throughout this book. Due diligence is

the act of investigating and understanding the risks the company faces. A company

practices due care by developing and implementing security policies, procedures,

and standards. Due care shows that a company has taken responsibility for

the activities that take place within the corporation and has taken the necessary

steps to help protect the company, its resources, and employees from possible

threats. So, due diligence is understanding the current threats and risks, and due

care is implementing countermeasures to provide protection from those threats.

If a company does not practice due care and due diligence pertaining to the security

of its assets, it can be legally charged with negligence and held accountable

for any ramifications of that negligence.

兩者的不同之處：

due diligence is understanding the current threats and risks, and due