Expert Advice Community

ISO 27001 / TISAX certification

Guest user. Created: Nov 17, 2021. Last commented: Nov 17, 2021

I’m supporting an ISO 27001/TISAX certification. Right now we are unsure about a very specific problem: We need a precise definition for “sensitive work fields and positions” so we can identify these and implement them according to security regulations. Thank you for your help.
Expert
Rhand Leal Nov 17, 2021

For a precise definition for “sensitive work fields and positions” you need to identify which security regulations you need to fulfill because these will define the requirements for the identification of sensitive work fields and positions.

For example, for EU GDPR, you need to define the Data Protection Office position, and since this regulation is about privacy protection, any process or area which handles Personally Identifiable Information (PII) will need to be considered a sensitive work field.

Specifically for ISO 27001, sensitive work fields and positions will also be identified as a result of risk assessment.

For further information, see:
