Digital redaction standard crdprocc, bvcvvsu
Receiving the 1st working draft of new international standard ISO/IEC 27038 on digital redaction this morning prompted me to think about the risk associated with redaction, more specifically the information security risks associated with the redaction of electronic documents and other digital data files (e.g. digital still photos and video images; spreadsheets and numeric/statistical data sets and databases). Two cups of tea and a bit of head scratching later, here’s my ‘top 10’ list of information security risks associated with redaction:
While I press ahead with other things, I’d be interested to know what digital redaction risks you think I’ve either missed or miss-stated. I’d also love to hear from you about redaction incidents, particularly those involving digital files but even those old-skool hardcopy redaction failures can be quite illuminating. Regards, Gary (Gary@isect.com) PS By all means comment on this blog if you have something to say, or better still join the discussion on the ISO27k Forum or CISSPforum .
PPS Thanks to the discussion so far, the list of risks has been modified.