Due Diligence and Due Care

The following is my definition of Due Diligence and Due Care. As I am not a lawyer, I just interpret them from my point of view and avoid relating them to the context of the law.

Due Diligence

The core concept of due diligence is making informed decisions. A decision should be based on sufficient information and justification. A decision-maker who can't do so doesn't exercise due diligence. The decision-maker often means management.

  • Security Due Diligence
  • Financial Due Diligence
  • Operational Due Diligence
  • Legal Due Diligence
  • Human Rights Due Diligence

Due Care

The core concept of due care is a reasonable person's compliance and best efforts. A reasonable person should do his or her duty according to the organization's policies, standards, and procedures, and with best efforts. Lack of due care is called negligence. The reasonable person role applies to everyone.
