Information Security Standards


SCO Facilities and Physical Property




This manual’s contents are applicable to all SCO owned or leased facilities and physical property entrusted to the SCO.

The Principles of Due Care & Due Diligence


Keeping pace with the ever-changing statutory landscape and technology environment is essential for the SCO to maintain information security and business viability. Due care and due diligence practices must be ingrained into the SCO’s culture to facilitate the constant self-re-evaluation and assessment needed to validate compliance with statutory requirements and technology industry best practices, to initiate necessary changes, and to seek enhancement opportunities.

The terms “due care” and “due diligence” are used in the fields of finance, securities, and law. These terms describe the “reasonable and prudent person” rule. A prudent person takes due care to ensure that everything necessary is done to operate the business by sound business principles and in a legal, ethical manner. A prudent person is also diligent (i.e., mindful, attentive, and ongoing) in their due care of the business. In the business world, stockholders, customers, business partners, and government regulators expect corporate officers to run the business in accordance with accepted business practices and in compliance with laws and other regulatory requirements. In the public sector, constituents and political leaders hold the same expectations of government agency officers. In addition to these expectations being a motivating force for officers, Federal Sentencing Guidelines and State Statutes now make it possible to hold both private and public sector organization officers liable for failing to exercise due care and due diligence in the management of their information privacy/security practices.

The importance of demonstrating “due care” and “due diligence” in government cannot be emphasized enough. “Due care” and “due diligence” activities are the foundation for establishing and maintaining the trust of constituents. Ensuring that the SCO Information Security Program Standards Manual’s content aligns with industry standards and complies with statutory and administrative requirements is itself a “due care” and “due diligence” activity.

