Expert Advice Community

Guest

Scope of legal and contractual requirements

  Quote
Guest
Guest user Created:   Sep 23, 2020 Last commented:   Sep 23, 2020

Scope of legal and contractual requirements

Hi, In this list https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/laws-regulations-information-security-business-continuity/
for France and the European Union, there are mainly regulations regarding personal data protection. In my understanding, ISO27001 requires to list all the regulations that apply to the business of the company seeking the ISO certification, which would be much wider.
For example, our company provides a billing software. I would have listed all french regulations related to billing and not only data protection. Is my interpretation of the norm too wide ?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 23, 2020

Please note that ISO 27001 requires only requirements relevant to information security, not all the regulations in a country.

Additionally, please note that the list in the article you mentioned is not fully up-to-date because it depends on voluntary contributions from our readers – therefore, it is likely that not all regulations for each country are listed (some even may have been withdrawn). To make sure you have the latest list of laws and regulations, it would be best to hire a local legal adviser.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 23, 2020

Sep 23, 2020

Suggested Topics