EU code of conduct for cloud service providers a guide to compliance.

Mostrar otras versiones (1)

The EU Data Protection Code of Conduct for Cloud Service Providers provides guidance on how to implement the Code within your organisation, exploring the objectives of the Code and how compliance can be achieved with or without a pre-existing ISMS (information security management system) within the...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: CALDER, ALAN
Formato: Electrónico eBook
Idioma:Inglés
Publicado: [S.l.] : IT GOVERNANCE LTD, 2021.
Temas:
Cloud computing > Law and legislation > European Union countries.
Cloud computing > Law and legislation
European Union countries
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover
  • Title
  • Copyright
  • About the Author
  • Contents
  • Introduction
  • Why should my organisation use the Code?
  • Scope and structure of the Code
  • Chapter 1: Data protection requirements
  • 5.1 Terms and conditions of the Cloud services agreement
  • 5.2 Processing personal data lawfully
  • 5.3 Sub-processing
  • 5.4 International transfers of customer's personal data
  • 5.5 Right to audit
  • 5.6 Liability
  • 5.7 Cooperation with the customer
  • 5.8 Records of processing
  • 5.9 Data protection point of contact
  • 5.10 Rights of the data subject
  • 5.11 Cooperation with supervisory authorities
  • 5.12 Confidentiality of the processing
  • 5.13 Assistance with personal data breaches
  • 5.14 Termination of the Cloud services agreement
  • Chapter 2: Security requirements
  • 6.1 General security requirements
  • Chapter 3: Detailed security objectives
  • Objective 1
  • Management direction for information security
  • Objective 2
  • Organisation of information security
  • Objective 3
  • Human resources security
  • Objective 4
  • Asset management
  • Objective 5
  • Access controls
  • Objective 6
  • Encryption
  • Objective 7
  • Physical and environmental security
  • Objective 8
  • Operational security
  • Objective 9
  • Communications security
  • Objective 10
  • System development and maintenance
  • Objective 11
  • Suppliers
  • Objective 12
  • Information security incident management
  • Objective 13
  • Information security in business continuity
  • Chapter 4: Transparency
  • Chapter 5: Assessment and certification
  • Initial assessment
  • Ongoing assessment and monitoring
  • Chapter 6: Conclusion
  • Further reading

Ejemplares similares