              WATSON HALL

              Web application development legislation
              security best practice, standards and compliance

              Watson Hall Ltd
              London 020 7183 3710
              Edinburgh 0131 510 2001
              info@watsonhall.com
              www.watsonhall.com

              The use of web applications can bring businesses within the scope of
              legislation that was not relevant to their conventional non-internet
              commerce. This check list identifies some of the common legislation
              which organisations may need to consider. The check list is not
              necessarily complete: legislation is changing all the time, all
              businesses have special constraints and compliance issues, and there may
              be local (non-UK) legislation which also needs to be taken into
              consideration.

              Terms of use
              This check list is provided free of charge and without any warranty. Use
              of this check list is subject to the terms of use displayed on our website
              at http://www.watsonhall.com/terms/

              Each check list should be amended and added to for the particular project
              requirements and environment.

              References
              The latest links to details of information security related legislation,
              codes of practice, organisations, initiatives and standards can be found on
              the Watson Hall website at http://www.watsonhall.com/security/ and in
              a chart format at http://www.watsonhall.com/principal-influences/




              Check list summary


               Attribute           Text
               Company


               Department


               Web application


               Completed by


               Comments




C2-2009-1.1                                                                                                        1
Check list                                                                             Web application development legislation




             Data protection, fraud and investigation
              Item                                                          Required   Completed

              Civil Evidence Act 1995


              Communications Act 2003


              The Companies Act 2006


              The Computer Misuse Act 1990


              The Data Protection Act 1998


              Freedom of Information Act 2000


              Police and Justice Act 2006

              The Privacy and Electronic Communications (EC Directive)
              Regulations 2003

              The Regulation of Investigatory Powers Act 2000

              The Telecommunications (Lawful Business Practice)
              (Interception of Communications) Regulations 2000

              The Terrorism Act 2006




             Payments and e-commerce
              Item                                                          Required   Completed

              The Consumer Protection (Distance Selling) Regulations 2000


              Consumer Credit Act 2006


              Electronic Commerce (EC Directive) Regulations 2002


              The Money Laundering Regulations 2003


              Taxes Acts (various)








             General
             Other key legislation for generic website development.

              Item                                                             Required   Completed

              Companies Acts (various)


                         Companies Act 2006

                         Companies (Audit, Investigations and Community
                         Enterprise) Act 2004

              Copyright and Intellectual property (various)


              Disability Discrimination Act 2005


              Employment Acts (various)


              Health and Safety Acts and Statutory Instruments (various)


                         Health and Safety at Work etc Act 1974


                         Offices, Shops and Railway Premises Act 1963 (c 41)


              The Human Rights Act 1998




             Other sector-specific legislation
             Sector specific regulations should be added here for each project. Some
             initial examples are provided below.

              Item                                                             Required   Completed

              Capital Requirements Directive (Basel II)


              Investment Services Directive (ISD)


              Markets in Financial Instruments Directive (MiFID)


              Sarbanes-Oxley Act


              Transparency Directive








             Why Watson Hall?
             Watson Hall provides independent web application security analyst
             services to businesses.

             To discuss any security matters in confidence and without obligation,
             telephone us on 020 7183 3710 or use the enquiry form on our website at
             http://www.watsonhall.com/form/

             Watson Hall Ltd is a limited company registered in England no 6004969 at
             North Bastle, Gatehouse, Northumberland, NE48 1NG, United Kingdom.



