Guest
Who needs to sign an NDA?
I'm building up the ISMS and I requested some positions in my company to sign an NDA in the ISMS, but I don't know exactly who has to sign an NDA (e.g. Director, CSO, Security Representative, etc.). If I'm the boss, do I have to sign an NDA?
Signing a Non-disclosure Agreement is one of the controls that can be implemented according to ISO 27001. But, as with other controls in ISO 27001, it should be implemented only if there are risks that need to be decreased with such a control. See also this article: The basic logic of ISO 27001 - How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
To answer your question directly, only those employees where the risks are higher should sign the NDA - it can also include you as their boss if there are risks that need to be decreased using this control. Therefore, first do your risk assessment and then decide who needs to sign the NDA.
Jan 12, 2016