The security practices required in each situation are dictated in part by the business you are in and the risks you face. Perform a risk assessment of each situation that involves oral, written and electronic information. ISO 17799 is the basis for many security controls and may be used as the core program, but you must assign responsibility to monitor potential changes in contractual obligations, regulations and laws such as the Sarbanes-Oxley Act.Next read this article on the security of information at offsite meetings and conferences.”]
Source: https://www.csoonline.com/article/2116797/transporting-ip.html