Who needs to sign an NDA?
Assign topic to the user
Signing a Non-disclosure Agreement is one of the controls that can be implemented according to ISO 27001. But, as with other controls in ISO 27001 it should be implemented only if there are risks that need to be decreased with such a control. See also this article: The basic logic of ISO 27001 - How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
To answer your question directly, only those employees where the risks are higher should sign the NDA - it can include also you as their boss if there are risks that need to be decreased using this control. Therefore, first do your risk assessment and then decide who needs to sign the NDA.
Comment as guest or Sign in
Jan 12, 2016