...
- Getting Started | Overview | Resources | Standards
- Compliance with Legal and Contractual Requirements (ISO 18.1)
- Information Security Reviews (ISO 18.2)
Anchor | ||||
---|---|---|---|---|
|
...
Anchor | ||||
---|---|---|---|---|
|
Compliance with Legal and Contractual Requirements
...
Panel | ||
---|---|---|
| ||
Objective: The goal of this section is to help outline effective practices for identifying compliance obligations, as well as the roles and responsibilities, activities, and controls needed to manage all of the institution’s legal, contractual, and records management requirements. |
...
ISO has a separate standard, ISO 15489, "Information and Documentation — Records Management." This standard goes into greater detail about how an institution recognizes the context in which records are created, received, used, stored, and destroyed as an implicit part of the data governance process.
This " records management " function may be placed anywhere in an institution, and sometimes it is part of an institution's IT structure. Regardless, records management has components of compliance that are unavoidable.
...
Top of page
Anchor | ||||
---|---|---|---|---|
|
Information Security Reviews
...
Panel | ||
---|---|---|
| ||
Objective: Ensure that information security compliance requirements are effectively addressed and maintained over time. |
...