Expert Advice Community

Guest

Customer management

  Quote
Guest
Guest user Created:   Feb 15, 2021 Last commented:   Feb 15, 2021

Customer management

Me gustaría saber por qué en ISO 27001 hay una “Gestión de Proveedores” y no hay una “Gestión de Clientes” ?

De que manera debo alinear o asegurar a mis clientes dentro de mi implementación de ISO 27001?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 15, 2021

1. I would like to know why in ISO 27001 there is a "Supplier Management" and there is no "Customer Management"?

Please note that ISO 27001 main objective is to protect the information, that belongs to the organization or is under its responsibility (e.g., customer information, partners information, etc.).

Considering that, the information to be protected may be accessed by suppliers (e.g., a SaaS provider, contractors, etc.), and the organization needs to ensure that information is also properly protected by suppliers (by means of contractual clauses, periodic service review, etc.), thus the need for “Supplier management”.

Now, customer management involves much more than information protection, so to include it in ISO 27001 would mean an unnecessary overhead for the information security management system.

2. How should I align or assure my clients within my implementation of ISO 27001?

For alignment of customers' interests and requirements with your ISO 27001 implementation, you must consider them when working clause 4.2 Understanding the needs and expectations of interested parties. Fulfilling this clause is enough for the standard to consider customers in your implementation.

For more information, see:

In case your organization considers it needs a more robust customer management approach, you may consider adopting concepts from ISO 9001, the standard for quality management.

For more information, see:

These articles will provide you a further explanation about ISO 27001:

These materials will also help you regarding ISO 27001:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 15, 2021

Feb 15, 2021

Suggested Topics

Guest user Created:   Mar 29, 2019 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 clause 6.1.2.c.1

Guest user Created:   Jun 30, 2021 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 questions