EU code of conduct for cloud service providers a guide to compliance.

The EU Data Protection Code of Conduct for Cloud Service Providers provides guidance on how to implement the Code within your organisation, exploring the objectives of the Code and how compliance can be achieved with or without a pre-existing ISMS (information security management system) within the...

Full description

Saved in:
Bibliographic Details
Main Author CALDER, ALAN
Format Electronic eBook
LanguageEnglish
Published [S.l.] : IT GOVERNANCE LTD, 2021.
Subjects
Cloud computing > Law and legislation > European Union countries.
elektronické knihy
electronic books
Online AccessFull text
ISBN178778343X
9781787783430
9781787783447
1787783448
Physical Description1 online resource

Cover

Table of Contents:
  • Cover
  • Title
  • Copyright
  • About the Author
  • Contents
  • Introduction
  • Why should my organisation use the Code?
  • Scope and structure of the Code
  • Chapter 1: Data protection requirements
  • 5.1 Terms and conditions of the Cloud services agreement
  • 5.2 Processing personal data lawfully
  • 5.3 Sub-processing
  • 5.4 International transfers of customer's personal data
  • 5.5 Right to audit
  • 5.6 Liability
  • 5.7 Cooperation with the customer
  • 5.8 Records of processing
  • 5.9 Data protection point of contact
  • 5.10 Rights of the data subject
  • 5.11 Cooperation with supervisory authorities
  • 5.12 Confidentiality of the processing
  • 5.13 Assistance with personal data breaches
  • 5.14 Termination of the Cloud services agreement
  • Chapter 2: Security requirements
  • 6.1 General security requirements
  • Chapter 3: Detailed security objectives
  • Objective 1
  • Management direction for information security
  • Objective 2
  • Organisation of information security
  • Objective 3
  • Human resources security
  • Objective 4
  • Asset management
  • Objective 5
  • Access controls
  • Objective 6
  • Encryption
  • Objective 7
  • Physical and environmental security
  • Objective 8
  • Operational security
  • Objective 9
  • Communications security
  • Objective 10
  • System development and maintenance
  • Objective 11
  • Suppliers
  • Objective 12
  • Information security incident management
  • Objective 13
  • Information security in business continuity
  • Chapter 4: Transparency
  • Chapter 5: Assessment and certification
  • Initial assessment
  • Ongoing assessment and monitoring
  • Chapter 6: Conclusion
  • Further reading

Similar Items