Expert Advice Community

External Service Providers- Confidentiality

  Quote
Created:   Mar 08, 2023 Last commented:   Mar 15, 2023

External Service Providers- Confidentiality

I'm a new Quality Manager and we are outsourcing IT.  Since they will have remote access to our servers/computers do I need to have them sign a NDA/Confidentiality agreement? If so, do you guys have an example of one?

Assign topic to the user

ISO 17025 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 17025 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 15, 2023

According to ISO 27001, an NDA/Confidentiality agreement is needed only in case-control A.6.6 – Confidentiality or non-disclosure agreements are deemed applicable, due to the results of risk assessment or applicable legal requirements (e.g., laws, regulations, or contracts). 

To see an example of an NDA/Confidentiality agreement, please check this demo: https://advisera.com/27001academy/documentation/confidentiality-statement/

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Mar 08, 2023

Mar 15, 2023