We acquired the ISO 22301 Documentation Toolkit some time ago and just started to implement the ISMS for our company. I was delegated the project manager role for this project and as this kind of project is completely new to me, I’m not sure whether I understand everything correctly. Right now we are at the stage of identifying the requirements and expectations of interested parties and I expect that people I’m about to interview will have trouble formulating their needs. I anticipate them going into much technical details about defining SLA, RTO, and RPO for their related Information Systems which, as I understand, must be done later. However, I’m not sure what can be mentioned as requirements and how to help interested parties formulate their requirements. Could you please share some experience, maybe in a form of real-life examples, for filling up the “List of Legal, Regulatory, Contractual and Other Requirements”, with the focus on internal Information Resource owners’ requirements?