graphgrc

SCF - PRI-07.1 - Data Privacy Requirements for Contractors & Service Providers

Mechanisms exist to include data privacy requirements in contracts and other acquisition-related documents that establish data privacy roles and responsibilities for contractors and service providers.

Mapped framework controls

GDPR

• Art 26.1
• Art 26.2
• Art 26.3
• Art 28.10
• Art 28.1
• Art 28.2
• Art 28.3
• Art 28.4
• Art 28.5
• Art 28.6
• Art 28.9
• Art 29
• Art 6.1
• Art 6.4

ISO 27002

• A.5.31
• A.5.33

SOC 2

• P6.4

Control questions

Does the organization include data privacy requirements in contracts and other acquisition-related documents that establish data privacy roles and responsibilities for contractors and service providers?

This site is open source. Improve this page.