List of Legal, Regulatory, Contractual and Other Requirements
I assume that for each company other/different requirements are relevant. Right?
Assign topic to the user
Your assumption is correct. Even for organizations of the same size and industry there may be different relevant requirements because each organization has its own view of the business and market, so they develop different strategies, and also may have different approaches toward risks
This article will provide you a further explanation about the identification of requirements:
- How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
These materials will also help you regarding the identification of requirements:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
May 18, 2020