Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

Information security policy in contracts

  Quote
Guest
Guest user Created:   Jul 09, 2020 Last commented:   Jul 09, 2020

Information security policy in contracts

Does the information security policies have to explicitly be in the contract or is it enough if it’s in the employee handbook?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 09, 2020

ISO 27001 does not prescribe how to document your information security policies, so organizations are free to document them as they see fit.

The general practice is to have information security policies as internal operational documents, and including only references to them in contracts, as contractual clauses.

This article will provide you a further explanation about documenting policies and developing employment contracts:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 09, 2020

Jul 09, 2020

Suggested Topics