A6 Internal Organisation
In the Clause A6, we need to maintain contacts with the Superior Authorities and the special Interest Groups.
Could you please explain this Point. If I understood right, we need to maintain contact with the Superior Authority of the State where we can report any Data Breach.
How can we prepare the documentation of it?
Assign topic to the user
ISO 27001 INTERNAL AUDITOR COURSE
Everything you need to perform the internal audit for the first time.
Enroll for free 
ISO 27001 INTERNAL AUDITOR COURSE
Everything you need to perform the internal audit for the first time.
Enroll for free
ISO 27001 INTERNAL AUDITOR COURSE
Everything you need to perform the internal audit for the first time.
Enroll for free
If your question is about if you need to prepare a documentation for data breach, then from the perspective of ISO 27001 you do not need to do it because ISO 27001 does not require such documents.
Depending on the country/state you are based in, such documents might be required because of local regulations - for example, EU GDPR requires you to have some documents for data breach, see this article: List of mandatory documents required by EU GDPR https://advisera.com/articles/list-of-mandatory-documents-required-by-eu-gdpr/
In this EU GDPR Toolkit you'll find all the required templates: https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/
Comment as guest or Sign in
Jan 24, 2020