EU Code of Conduct for Cloud Service Providers - A guide to compliance
The EU Data Protection Code of Conduct for Cloud Service Providers provides guidance on how to implement the Code within your organisation, exploring the objectives of the Code and how compliance can be achieved with or without a pre-existing ISMS (information security management system) within the...
| Otros Autores: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
[Place of publication not identified] :
IT Governance Publishing
2021.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009635716706719 |
Tabla de Contenidos:
- CoverTitle
- Copyright
- About the Author
- Contents
- Introduction
- Why should my organisation use the Code?
- Scope and structure of the Code Chapter 1: Data protection requirements 5.1 Terms and conditions of the Cloud services agreement 5.2 Processing personal data lawfully 5.3 Sub-processing 5.4 International transfers of customer's personal data 5.5 Right to audit 5.6 Liability 5.7 Cooperation with the customer 5.8 Records of processing 5.9 Data protection point of contact 5.10 Rights of the data subject 5.11 Cooperation with supervisory authorities 5.12 Confidentiality of the processing 5.13 Assistance with personal data breaches 5.14 Termination of the Cloud services agreement Chapter 2: Security requirements 6.1 General security requirements Chapter 3: Detailed security objectives Objective 1 Management direction for information security Objective 2Organisation of information security Objective 3 Human resources security Objective 4 Asset management Objective 5 Access controls Objective 6 Encryption Objective 7 Physical and environmental security Objective 8 Operational security Objective 9 Communications security Objective 10 System development and maintenance Objective 11 Suppliers Objective 12 Information security incident management Objective 13 Information security in business continuity Chapter 4: Transparency Chapter 5: Assessment and certification Initial assessment Ongoing assessment and monitoring Chapter 6: Conclusion Further reading.
