
If there is a requirement for ISO 27001 for an ecommerce company, but the company that owns the business and the company that runs the ecommerce are different companies, who needs to take ISO 27001?

Created:   May 06, 2021 Last commented:   May 11, 2021

If there is a requirement for ISO 27001 for an ecommerce company, but the company that owns the business and the company that runs the ecommerce are different companies, who needs to take ISO 27001?


Expert
Rhand Leal May 11, 2021

I’m assuming that you are asking which company needs to implement ISO 27001 and get certified.

Considering that, the company that needs to implement ISO 27001 and get certified is the one which has a direct business relation to the customer.

For example, if the ecommerce company is directly selling the goods/services, then it is the one who needs to get certified.

On the other hand, if you make deals with the business owner (i.e., the other company only operationalizes the deal), then this is the one who needs to get certified. This way you do not need to verify if every business owner's suppliers that serve you are ISO 27001 certified.

These articles will provide you with further explanation about suppliers’ security management:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
- Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/

This material will also help you regarding suppliers’ security management:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
