When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this to identify, document, assign, review, and evidence legal, statutory, regulatory, and contractual information security requirements.
Requirements register
| Requirement ID | Source | Jurisdiction/customer/contract | Requirement summary | Applies to | Owner | Control mapping | Evidence location | Review date | Change trigger |
|---|---|---|---|---|---|---|---|---|---|
| REQ-0001 |
Related notes
- Template
- Iso27001
- Compliance
Note Metadata
Aliases: Compliance Requirements Register
Source: 90 Templates/Legal and Contractual Requirements Register.md
Related Notes
- Risk Assessment
- Statement of Applicability
- ISO 27001 A.5.31 - Legal, Statutory, Regulatory and Contractual Requirements
- ISO 27001 A.5.33 - Protection of Records
- ISO 27001 A.5.34 - Privacy and Protection of PII
- A.5.31 Audit Evidence Pack
- A.5 Organizational Controls Implementation Guide
- ISO27001-A.5.31 Legal, Statutory, Regulatory and Contractual Requirements
- EXAM-013 - Legal, IP, and Contractual Compliance
- ISO 27002 Annex A Control Interpretation Map
- PII Inventory and Privacy Requirements Matrix
- Templates MOC