I have been trying to complete the 02.1_Appendix_List_of_Legal_Regulatory_Contractual_and_Other_Requirements_Integrated_EN
I am getting myself rather confused, previously I have maintained an integrated 9001 and 27001 so I have been thinking along the lines for these interested parties.
However, after much researching of the internet I get the idea this time it should only be parties interested in our Information Security only can you confirm if this is right or wrong please?
So things like The Working Time Directive an equal opportunities laws don’t need to be included?
Also things like the WEEE directive would I include because of the disposal of data\hardware? And maintenance companies that service the data centres for equipment like AirCon, would I include them?