Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook

Requirements included in the framework

13
ISO 27018

Communications security

13.2
ISO 27018

Information transfer

13.2.1
ISO 27018

Information transfer policies and procedures

9
ISO 27018

Access control

9.2
ISO 27018

User access management

9.2.1
ISO 27018

User registration and de-registration

9.4
ISO 27018

System and application access management

9.4.2
ISO 27018

Secure log-on procedures

A.10
ISO 27018

Accountability

A.10.1
ISO 27018

Notification of a data breach involving PII

A.10.2
ISO 27018

Retention period for administrative security policies and guidelines

A.10.3
ISO 27018

PII return, transfer and disposal

A.11
ISO 27018

Information security

A.11.1
ISO 27018

Confidentiality or non-disclosure agreements

A.11.10
ISO 27018

User ID management

A.11.11
ISO 27018

Contract measures

A.11.12
ISO 27018

Sub-contracted PII processing

A.11.13
ISO 27018

Access to data on pre-used data storage space

A.11.2
ISO 27018

Restriction of the creation of hardcopy material

A.11.3
ISO 27018

Control and logging of data restoration

A.11.4
ISO 27018

Protecting data on storage media leaving the premises

A.11.5
ISO 27018

Use of unencrypted portable storage media and devices

A.11.6
ISO 27018

Encryption of PII transmitted over public data-transmission networks

A.11.7
ISO 27018

Secure disposal of hardcopy materials