0%
14Chapters
0-1Hours read
0kTotal Words
The EU Data Protection Code of Conduct for Cloud Service Providers provides guidance on how to implement the Code within your organisation, exploring the objectives of the Code and how compliance can be achieved with or without a pre-existing ISMS (information security management system) within the organisation.
Table of Contents
- Cover Image
- Title Page
- Copyright
- About the Author
- Contents
- Introduction
- Chapter 1: Data protection requirements
- 5.1 Terms and conditions of the Cloud services agreement
- 5.2 Processing personal data lawfully
- 5.3 Sub-processing
- 5.4 International transfers of customer’s personal data
- 5.5 Right to audit
- 5.6 Liability
- 5.7 Cooperation with the customer
- 5.8 Records of processing
- 5.9 Data protection point of contact
- 5.10 Rights of the data subject
- 5.11 Cooperation with supervisory authorities
- 5.12 Confidentiality of the processing
- 5.13 Assistance with personal data breaches
- 5.14 Termination of the Cloud services agreement
- Chapter 2: Security requirements
- Chapter 3: Detailed security objectives
- Objective 1 – Management direction for information security
- Objective 2 – Organisation of information security
- Objective 3 – Human resources security
- Objective 4 – Asset management
- Objective 5 – Access controls
- Objective 6 – Encryption
- Objective 7 – Physical and environmental security
- Objective 8 – Operational security
- Objective 9 – Communications security
- Objective 10 – System development and maintenance
- Objective 11 – Suppliers
- Objective 12 – Information security incident management
- Objective 13 – Information security in business continuity
- Chapter 4: Transparency
- Chapter 5: Assessment and certification
- Chapter 6: Conclusion
- Further reading