The need-to-know principle can be enforced with user access controls and authorisation procedures. Its objective is to ensure that only authorised individuals gain access to the information or systems necessary to undertake their duties.
Need To Know Principle
Mark Sharron
Mark is the Head of Search & Generative AI Strategy at ISMS.online, where he develops Generative Engine Optimised (GEO) content, engineers prompts and agentic workflows to enhance search, discovery, and structured knowledge systems. With expertise in multiple compliance frameworks, SEO, NLP, and generative AI, he designs search architectures that bridge structured data with narrative intelligence.