How to fill the requirement

TISAX: Information security

9.8: Instructions

Task name: Personnel guidelines for safe processing of personal and confidential data
Theme: Privacy
Policy: Processing principles and accountability

This task also fulfils these other security requirements:

  • 29. Processing under the authority of the controller or processor (GDPR)
  • 7.2.2: Information security awareness, education and training (ISO27 Full)
  • 18.1.4: Privacy and protection of personally identifiable information (ISO27 Full)
  • 12.1.1: Documented operating procedures (ISO27 Full)
  • 11.2.8: Unattended user equipment (ISO27 Full)

1. Task description

The Data Protection Officer (or other responsible person) has drawn up operating instructions for personnel handling personal data. In addition, the Data Protection Officer is ready to advise the controller, personal data processing partners or their own staff on compliance with GDPR or other data protection requirements.

Task name: Handling of instructions from controller regarding the processing of personal data
Theme: Privacy
Policy: Security and responsibilities

This task also fulfils these other security requirements:

  • 9.8.1: Instructions for data processing (TISAX)
  • 9.8: Instructions (TISAX)

1. Task description

The organization must have a procedure in place for handling instructions from the data controller regarding the processing of personal data. The procedure must ensure that:

  • Received instructions are documented
  • Instructions are implemented and the implementation is maintained
  • Data is separated by client, project or other specific grouping