BLACK FRIDAY DISCOUNT
Get 30% off on toolkits, course exams, Conformio, and Company Training Academy yearly plans.
Limited-time offer – ends December 2, 2024
Use promo code:
30OFFBLACK

Expert Advice Community

Register of requirements

  Quote
Created:   Mar 17, 2023 Last commented:   Mar 22, 2023

Register of requirements

Hello,

I am currently writing the "Restier of Reiquirements" document for my company. I am using conformio for this, in which we can specify whether we are compliant to the said requirements. So this got me thinking about the following. 

Some client(s) require my company to pay some form of indemnity in case of data breah or any sort of security issue. 

Is the above considered a requirement? I mean we can't relly comply to it unless we have a security issue and actually have to pay the indemnity.

0 0

Assign topic to the user

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

Expert
Rhand Leal Mar 22, 2023

From a practical point of view, paying indemnities is not a security requirement, but a legal one. Therefore, you do not need to list this requirement in the Register of Requirements.

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Mar 17, 2023

Mar 22, 2023

Suggested Topics