Content library
ISO 27018
A.8: Openness, transparency and notice

Requirement description

How to fill the requirement

ISO 27018

A.8: Openness, transparency and notice

Task name
Priority
Status
Theme
Policy
Other requirements
Documenting partners who are related to offered digital services supply chain
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Development and cloud
Cloud service management
10
requirements

Examples of other requirements this task affects

A.8: Openness, transparency and notice
ISO 27018
A.8.1: Disclosure of sub-contracted PII processing
ISO 27018
15.1.3: Information and communication technology supply chain
ISO 27017
A.8.5.6: Disclosure of subcontractors used to process PII
ISO 27701
A.8.5.7: Engagement of subcontractor to process PII
ISO 27701
See all related requirements and other information from tasks own page.
Go to >
Documenting partners who are related to offered digital services supply chain
1. Task description

The organization must clearly document all the digital services it provides to its customers according to the cloud service model.

The documentation for digital services must include the partners involved in the service supply chain. The partner listing must include supporting services (such as IaaS, such as AWS or MS Azure), other partners included in the main service provider's supply chain (such as outsourced development), and other services that complement the actual service (including IDaaS, CDN).

In the future, supply chain documentation can be used to review a more detailed division of safety responsibilities.

Informing the controller of the processors of personal data
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Privacy
Informing and data subject requests
6
requirements

Examples of other requirements this task affects

A.8: Openness, transparency and notice
ISO 27018
A.8.1: Disclosure of sub-contracted PII processing
ISO 27018
A.8.5.6: Disclosure of subcontractors used to process PII
ISO 27701
A.8.5.7: Engagement of subcontractor to process PII
ISO 27701
A.8.5.8: Change of subcontractor to process PII
ISO 27701
See all related requirements and other information from tasks own page.
Go to >
Informing the controller of the processors of personal data
1. Task description

The organization must define procedures for informing the controller of all processors of personal data before processing begins.

The notification shall include the data processed by the processors and the purposes for which they process the data.

Tasks included in the policy

Task name
Priority
Status
Theme
Policy
Other requirements
No items found.

Universal cyber compliance language model: Comply with confidence and least effort

In Cyberday, all frameworks’ requirements are mapped into universal tasks, so you achieve multi-framework compliance effortlessly.

Security frameworks tend to share the common core. All frameworks cover basic topics like risk management, backup, malware, personnel awareness or access management in their respective sections.
Cyberday’s universal cyber security language technology creates you a single security plan and ensures you implement the common parts of frameworks just once. You focus on implementing your plan, we automate the compliance part - for current and upcoming frameworks.
Start your free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.