How do we identify what the regulatory, contractual and other requirements are?
You must find a list of laws and regulations in your country that can potentially be relevant for your ISMS - you can find an unofficial list here: https://www.infosecpedia.info/laws-regulatio******************************************** For contractual obligations, you have to find all the contracts your company has made.
The only way to find out if they are relevant to your company is to read them, or ask someone else to read them for you.
This article can also help you: How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
Jan 12, 2016