
Expert Advice Community


Stakeholder info to document

Guest
isocert Created:   Oct 18, 2017 Last commented:   Oct 18, 2017


Hello,

Currently I am at clause 4.2 of the ISO27001 certification. I need to analyse the stakeholders for my organization where I am doing my internship. To analyse these, I made a table in Microsoft Word and used the following info to fill per stakeholder:
- Stakeholder type (customers, suppliers, partners, employees and supervisors)
- Stakeholder name (per stakeholder type there are different stakeholders, e.g. employees describes the sales, support, system engineers and so on)
- Small description about the stakeholder (what are its activities related to our organisation)
- Requirements and expectations per stakeholder (e.g. customers: protect their data)
- Laws, regulations, contract requirements (e.g. the GDPR for the Netherlands, processing agreement with customers)
- And last but not least: does the organisation meet these requirements?

Is this enough information for the stakeholder analysis?

Thanks in advance.

Yours sincerely,
Tom van Ruitenbeek

Guest
isocert Oct 18, 2017

Or would it be enough to just document a list of legal, regulatory, contractual and other requirements?

Expert
Rhand Leal Oct 25, 2017

Yes, the information you are gathering will provide you with a good overview for understanding the needs and expectations of interested parties, and it covers the clause's requirements:
- which interested parties are relevant to the ISMS
- which requirements of these interested parties are relevant to information security

For stakeholder analysis you should also consider whether there is any implemented control to meet these requirements.

These articles will provide you further explanation about interested parties analysis:
- How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
- How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/

This material will also help you regarding interested parties analysis:
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
