Legal teams have long played an important role in information security and compliance programs. The expertise that attorneys bring to the table complements the technical subject matter expertise of IT professionals and, when working toward a common purpose, contributes to a well-rounded IT risk management program. In this tip, I look at three different ways that legal teams can contribute to information security efforts in enterprises of all sizes.

Legal departments often find themselves thrust into the middle of enterprise risk management programs for two reasons. First, they are normally privy to many of the sensitive risks facing different areas of the business. Second, many organizational risks are legal in nature, requiring the expertise of an attorney to assist in interpreting laws and regulations and to estimate the impact on the organization should a violation arise.

Read more: Can legal departments complement IT security?

Published February 27, 2015 on SearchSecurity.com