Governance: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
No edit summary
Line 16: Line 16:
[[ISO/IEC 27002]]  - how to handle access to data and incident response
[[ISO/IEC 27002]]  - how to handle access to data and incident response


UK NCSC CRA - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits
[[UK NCSC CRA]] - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits

Revision as of 07:18, 23 November 2024

Legal requirements in the EU

ePrivacy Directive (cookie law) - EPD - NB will be replaced by ePrivacy Regulation

ePrivacy Regulation

General Data Protection Regulation GDPR - privacy

Legal requirements to think of

Archive laws

Certifications

ISO 9001 - quality management systems

ISO/IEC 27001 (EU and rest of world) / SOC2 (North America) - how to protect your data

ISO/IEC 27002 - how to handle access to data and incident response

UK NCSC CRA - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits