ISO 27001 Control 5.32: Intellectual Property Rights

Alan Parker

Protecting Intellectual Property Rights: A Guide for Organisations


Intellectual property rights (IPR) play a crucial role in safeguarding the creative and innovative assets of an organisation.


Proper management and protection of these rights are essential not only for compliance with legal, statutory, regulatory, and contractual obligations but also for preserving the organisation's competitive advantage.


This article outlines best practices and guidelines for implementing robust intellectual property protection procedures.


Purpose of Protecting Intellectual Property Rights


The primary objectives of protecting intellectual property rights are:

  • Ensuring compliance with legal, statutory, and regulatory requirements related to intellectual property.

  • Safeguarding proprietary products, software, and information against misuse or infringement.

  • Minimising the risk of legal disputes, fines, and reputational damage.


Key Guidelines for Protecting Intellectual Property

Organisations should consider the following measures to protect intellectual property effectively:


1. Develop and Communicate Policies

  • Define a topic-specific policy on intellectual property protection and ensure it is communicated to all relevant stakeholders.

  • Publish detailed procedures that outline compliance requirements for software and information product usage.


2. Acquire Software from Reputable Sources

  • Ensure all software is procured through known and trustworthy sources to avoid copyright infringements.

  • Verify that licences are valid and meet the organisation’s needs.


3. Maintain Asset Registers

  • Maintain comprehensive asset registers to identify all intellectual property assets requiring protection.

  • Document ownership evidence, such as licences, manuals, and proof of purchase.


4. Monitor and Review Software Usage

  • Conduct regular reviews to ensure only authorised software and licensed products are installed on organisational systems.

  • Ensure the maximum number of users or resources permitted under the licence agreement is not exceeded.


5. Licence Management

  • Implement procedures for maintaining licence compliance, including renewal and documentation of terms and conditions.

  • Provide clear instructions for the disposal or transfer of software to others.


6. Compliance with Copyright Laws

  • Adhere to the terms and conditions for using software and information obtained from public networks and external sources.

  • Avoid duplicating, converting, or extracting from commercial recordings, standards, or publications unless explicitly permitted by copyright law or applicable licences.


Addressing Risks and Responsibilities

Organisations must manage risks associated with both third-party intellectual property and their own proprietary rights. Key considerations include:

  • Third-Party Compliance: Ensure that all external software, data, and information comply with intellectual property laws and the terms of any agreements or licences.

  • Internal Protection: Protect the organisation’s intellectual property against misuse by employees or third parties by implementing appropriate controls and awareness programmes.


Other Important Considerations


1. Proprietary Software Licences

  • Understand and adhere to the terms of proprietary software licence agreements, including limitations on usage and copying.

  • Restrict copying to the creation of backup copies only unless otherwise permitted by the licence.


2. Data Sharing Agreements

  • Clearly define processing permissions and the provenance of data acquired from external sources in data sharing agreements.

  • Ensure compliance with relevant standards such as ISO/IEC 23751.


3. Legal and Regulatory Obligations

  • Be aware of legal restrictions on copying proprietary materials and ensure compliance with these requirements.

  • Recognise that copyright infringement can result in significant legal consequences, including fines and criminal charges.


Leveraging International Standards

Organisations can enhance their intellectual property protection practices by referencing relevant standards, such as:

  • ISO/IEC 19770 Series: Guidance on IT asset management.

  • ISO/IEC 23751: Guidance on data sharing agreements.


Conclusion

Protecting intellectual property rights is a critical component of an organisation’s governance framework. By implementing comprehensive policies, maintaining asset registers, monitoring software usage, and complying with copyright laws, organisations can mitigate risks and ensure legal compliance. Proactively managing intellectual property not only safeguards valuable assets but also supports long-term business success.


About the author

Alan Parker is an IT consultant and project manager who specialises in IT governance, process implementation, and project delivery. With over 30 years of experience in the industry, Alan believes that simplifying complex challenges and avoiding pitfalls are key to successful IT management. He has led various IT teams and projects across multiple organisations, continually honing his expertise in ITIL and PRINCE2 methodologies. Alan holds a degree in Information Systems and has been recognised for his ability to deliver reliable and effective IT solutions. He lives in Berkshire, UK, with his family.
