In the procedure for document and record control doc, it says...
“Each external document which is necessary for the planning and operation of the ISMS/compliance with GDPR must be recorded in the incoming mail register. The incoming mail register must contain the following information: (1) document number, (2) sender, (3) document name, (4) date of receipt, (5) name of the person to whom the document has been forwarded.”
1. Is this something that is needed for ISO?
2. How do I know which external documents are necessary for ISMS compliance?
3. Also is there an incoming mail register document as part of the templates?