Expert Advice Community

Home / ISO 27001 & 22301 / Interested Parties and Their Requirements

Guest

Interested Parties and Their Requirements

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Interested Parties and Their Requirements

ISO 27001 & 22301
I have a few questions, it is about interested parties. I am in the process of gathering requirements of interested parties.
0 0

Assign topic to the user

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.
Guest
DejanK Jan 12, 2016

1. Can I just group them instead of address them one by one specifically? By group, I mean it's like: supplier, customer, internal working unit, goverment agencies, etc..
2. About their requirements, do I have to quote it precisely (from contractual agreement, for instance) or can I use my own words?

Answers:

1) ISO 27001 does not say you need to identify each interested party individually, so yes - you can group them, as long as each interested party in a group has the same requirements.

2) Sure, you can use your own words.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Dec 17, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 - Context of Organization
Guest post Created:   Jan 13, 2016 ISO 27001 & 22301
Replies: 1
0 0

Identification of Requirements - level of detail?
Guest user Created:   Oct 21, 2022 ISO 27001 & 22301
Replies: 1
0 0

Gap analysis results