Informing of infringing processing instructions

Critical
High
Normal
Low

It is the responsibility of the organization to notify the customer if the processing instructions seem to violate laws or official requirements.

Connected other frameworks and requirements:
A.8.2.4: Infringing instruction
ISO 27701

Inventory and documentation of data processing agreements

Critical
High
Normal
Low

The processors of personal data (e.g. providers of data systems, other partners using our employee or customer data) and the agreements related to the processing of personal data have been documented. The documentation includes e.g.:

  • Processor name and location
  • Purpose of processing data
  • Status of agreement
Connected other frameworks and requirements:
28. Processor
GDPR
15.1.2: Addressing security within supplier agreements
ISO 27001
13.2.2: Agreements on information transfer
ISO 27001
A.8.2.4: Infringing instruction
ISO 27701
5.14: Information transfer
ISO 27001
No items found.