Sources of requirements
Assign topic to the user
Answer: 'Document stipulating the requirement' is any documentation with needs or expectations that can be measured in terms of information security characteristics. Examples of documents that stipulate requirements are contracts (e.g., Non Disclosure Clauses, which refers to confidentiality), service level agreements (e.g., clauses which define minimal availability to be delivered, like 99.999% availability during a year), and regulations (e.g., EUGDPR, which define how EU Citizens private information must be handle by organizations that offers services to EU, which also refers to confidentiality).
These materials will also help you regarding sources of requirements:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- F ree online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 09, 2017