Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook

Detailed descriptions of required security measures for subcontractors on contracts related to offered cloud services


When involving subprocessors in processing personal data related to offered cloud services, the organization ensures that contracts clearly specify the minimum technical and organizational security measures required from subprocessors.

Connected other frameworks and requirements:
A.11.12: Sub-contracted PII processing
ISO 27018
15.1.3: Information and communication technology supply chain
ISO 27017
No items found.