Content library
Julkri: TL IV-I
HAL-05: Vaatimukset

How to fill the requirement

Julkri: TL IV-I

HAL-05: Vaatimukset

Task name
Priority
Status
Theme
Policy
Other requirements
Identification, documentation and management of other information security requirements
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Risk management and leadership
Cyber security management
requirements

Task is fulfilling also these other security requirements

18.1.1: Identification of applicable legislation and contractual requirements
ISO27 Full
ID.GV-3: Legal and regulatory requirements
NIST
HAL-05: Vaatimukset
Julkri
5.31: Legal, statutory, regulatory and contractual requirements
ISO27k1 Full
2: Lainsäädäntö ja velvoitteet
Sec overview
1. Task description

Compliance with required laws, regulations, standards, and contractual obligations can be as challenging as dealing with an ever-changing threat environment and new forms of cyber-attacks.

The organization shall document the information security requirements and the organisation's operating model for meeting them.

It is important to note that a large part of the requirements (e.g. laws, standards) are evolving entities. It is recommended to define a review interval for the documentation to describe the frequency at which changes in the requirements should at least be checked.

Muiden tietoturvavaatimusten seuranta
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Risk management and leadership
Cyber security management
requirements

Task is fulfilling also these other security requirements

HAL-05: Vaatimukset
Julkri
HAL-05.1: Vaatimukset - seuranta
Julkri
1. Task description

Organisaation tietoturvallisuusvaatimukset muodostuvat esimerkiksi lainsäädännössä ja sopimuksissa määritellyistä vähimmäisvaatimuksista sekä muista tunnistetuista tai itse tavoitelluiksi valituista vaatimuksista.

Organisaation on seurattava tietoturvallisuusvaatimusten muutoksia ja tehtävä tarvittavat toimenpiteet niihin reagoimiseksi.

Documentation of other stakeholders
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Partner management
Agreements and monitoring
requirements

Task is fulfilling also these other security requirements

HAL-04.6: Suojattavat kohteet - sidosryhmät
Julkri
HAL-05: Vaatimukset
Julkri
4.2: Interested parties
ISO27k1 Full
3: Keskeisten sidos- ja asiakasryhmien kartoitus
Sec overview
21.2.d: Supply chain security
NIS2
1. Task description

The organization shall identify

  • the stakeholders relevant to the security management system
  • the security requirements set by these stakeholders

Data system providers and personal data processors are treated through separate tasks.

No items found.