When to use this
Use this record when sensitive information needs to be transferred outside normal approved flows or to an external party.
Related controls
Approval record
| Field | Value |
|---|---|
| Request ID | TBD |
| Data type/classification | TBD |
| Source | TBD |
| Destination/recipient | TBD |
| Business reason | TBD |
| Transfer method | TBD |
| Protection required | TBD |
| Approved by | TBD |
| Date/time | TBD |
| Evidence/log reference | TBD |
| Deletion/return requirement | TBD |
Minimum checks
- Business reason is legitimate.
- Recipient is authorized.
- Transfer channel is approved or risk-accepted.
- Protection requirements are applied.
- Evidence is retained.
- Template
- Iso27001
- Technological controls
- Dlp
- Information transfer
Note Metadata
Aliases: Sensitive Transfer Approval
Source: 90 Templates/Sensitive Data Transfer Approval Record.md
Related Notes
- ISO 27001 A.5.14 - Information Transfer
- ISO 27001 A.5.34 - Privacy and Protection of PII
- A.8.12 Audit Evidence Pack
- ISO 27001 A.8.12 - Data Leakage Prevention
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.12 Audit Checklist
- Templates MOC