In terms of commercial and Employee contracts, as interested parties, should there be a clause in the contracts to cover information and security? If so, is there a standard clause that can be used to cover this?
I know these would need to be legally checked, but in your opinion, is the following a reasonable outline to be working with?
'Information management. *** operates under the guidelines of ISO27001 and The Data Protection Act (2018). Both parties must adhere to the specified processes and practices outlined in the company's Information Security Management System (ISMS).'
'Intellectual property. All rights to Intellectual Property remain with ***.