Legal, Regulatory and Contractual Controls in ISO 27001

10/07/2025 13 min Episode 46
Episode Synopsis

In this episode of InfoSec Insider, Mark O’Kane, Consultant at URM, offers his insights into the legal, regulatory and contractual controls (A.5.31-37) from Annex A of ISO 27001:2022 and how organisations can implement them effectively. Mark draws upon his extensive experience assisting organisations to certify against the Standard to discuss:

The requirements of the legal, regulatory and contractual controls and how they fit into the overall aim of the ‘Organisational’ control theme
How the legal controls help to prevent breaches of legal, statutory, regulatory or contractual obligations related to information security
How to put controls A.5.31-37 into practice.

Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-legal-regulatory-and-contractual
 
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider   
 
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts   
 
Brought to you by URM, the UK’s leading information and cyber security specialists.