4.2 Understanding the needs and expectations of interested parties

Requirement	The organization shall determine: a) interested parties that are relevant to the information security management system; and b) the requirements of these interested parties relevant to information security. The requirements of interested parties may include legal and regulatory requirements and contractual obligations.
Instruction	Identify all stakeholders of the ISMS and write down what their interest is.
Implementation	The needs and expectations of interested parties are described in the Stakeholder analysis.

Owner	Security officer
Frequency	Half year
Instruction	Is the Stakeholder analysis still accurate? Consult with stakeholders to confirm if necessary.

	File	Modified

No files shared here yet.