I'm a new Quality Manager and we are outsourcing IT. Since they will have remote access to our servers/computers do I need to have them sign a NDA/Confidentiality agreement? If so, do you guys have an example of one?
Assign topic to the user
According to ISO 27001, an NDA/Confidentiality agreement is needed only in case-control A.6.6 – Confidentiality or non-disclosure agreements are deemed applicable, due to the results of risk assessment or applicable legal requirements (e.g., laws, regulations, or contracts).
To see an example of an NDA/Confidentiality agreement, please check this demo: https://advisera.com/27001academy/documentation/confidentiality-statement/
For further information, see:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
Comment as guest or Sign in
Mar 15, 2023