Expert Advice Community

Guest

Legal and contractual requirements question

  Quote
Guest
Guest user Created:   Jul 08, 2022 Last commented:   Jul 08, 2022

Legal and contractual requirements question

Looking through our List of Legal, Regulatory, Contractual and Other Requirements documents, we had a question. As a small company that deals with commercial driving fleets, are we expected to have a long list of these requirements? Of the list of requirements that were listed on the article linked in the actual document, none really applied to us. We do not operate in individual states that have these requirements, so we had very few there. As a whole, it seems like we only have a few contractual requirements with our customers. Does that seem right?
0 0

Assign topic to the user

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.

ISO 27001 PROCEDURE FOR IDENTIFICATION OF REQUIREMENTS

Basics of identification of interested parties and their requirements.

Expert
Rhand Leal Jul 08, 2022

First is important to note that the article linked to the template is only a starting point (it is updated by contributions of our readers and may not be fully updated). Our recommendation is for you to seek local legal advice so they can help you identify other legal requirements you need to consider for your ISO 27001 implementation (e.g., local laws and regulations).

ISO 27001 does not prescribe how long the list of Legal, Regulatory, and Contractual requirements must be. It is likely your list will be short since normally transportation companies are not security regulated, but they might have some privacy regulations that are applicable. 

For further information, see:

How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301/
How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 08, 2022

Jul 08, 2022