Legal & Regulatory Requirements

brianhopla Created:   Jul 10, 2018 Last commented:   Jul 12, 2018

Taking into consideration the requirements in ISO 22301 clause 4.2.2, how can it possibly be feasible to determine the interests of relevant parties, i.e. clients, of whom there may be several hundred or more who are all likely to be subject to different legal & regulatory requirements, depending on their industry/sector, and who will therefore all have different needs? My organisation has 800+ clients; it can't be practical or possible to assess each one individually?!
Expert
Rhand Leal Jul 12, 2018

The key term in this ISO 22301 requirement is "relevant parties" (to your business). You do not have to identify requirements for all customers. Your organization may already have criteria to identify which ones are most important to you (e.g., total sales per customer, frequency of purchase, time of relationship, etc.), and you can use these criteria to sort the clients from whom you will have to identify needs and legal requirements.

For these clients identified as relevant according to your criteria, you have to go through all the agreements you have with them and see if there are requirements related to business continuity.

ISO 27001 has a similar requirement, and this article will provide you with an explanation that can also be applicable to ISO 22301:
- How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/

This material will also help you regarding ISO 22301 requirements identification:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
