It has been said that “Whatever your hand finds to do, do it with all your might”. This sums up the principles of Due Care and Due Diligence, but I will attempt to expound upon these in a little more detail.

Due Care is a proactive principle. This means you take the initiative when it comes to securing your environment. You do not wait for legal dictums, industry directives or breaches to obtain the momentum for action. With Due Care you create the momentum, you create the security culture in your organization, you create the security plan and design, and you execute them. Security should already be in place when the regulators, auditors and criminals come to you. Due Care will make their stay short and sweet.

Due Diligence has to do with taking the reasonable and correct steps in fulfilling a security architecture or design. It is essentially the proper implementation of security wisdom, or best practices.

These two principles are the bedrock that your architecture should be founded upon.