Governance: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 16: | Line 16: | ||
[[ISO/IEC 27002]] - how to handle access to data and incident response | [[ISO/IEC 27002]] - how to handle access to data and incident response | ||
UK NCSC CRA - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits | [[UK NCSC CRA]] - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits |
Revision as of 07:18, 23 November 2024
Legal requirements in the EU
ePrivacy Directive (cookie law) - EPD - NB will be replaced by ePrivacy Regulation
General Data Protection Regulation GDPR - privacy
Legal requirements to think of
Certifications
ISO 9001 - quality management systems
ISO/IEC 27001 (EU and rest of world) / SOC2 (North America) - how to protect your data
ISO/IEC 27002 - how to handle access to data and incident response
UK NCSC CRA - UK’s National Cyber Security Centre Cyber Resilience Audit which assures providers who can conduct independent Cyber Assessment Framework (CAF) based audits