7. Understanding the Needs and Expectations of Interested Parties
The interested parties that are relevant to the ISMS of XXX are listed below, together with their individual expectations.
| External Parties | Example Requirements |
| --- | --- |
| Legal | Data Protection Act; Companies Act |
| Customer Type A | ISO 27001 Compliance; 99.9% Availability of Systems; Meeting SLA (4hr response – contact centre) |
| Customer Type B | PCI DSS Requirements 9 & 12; Meeting SLA (4hr response – contact centre) |
| Insurer | Meeting policy requirements; Payment of premiums; Reporting changes in circumstances |
| Suppliers | Adherence to payment terms |
| Trade bodies/associations | Membership requirements; Meeting standards to which the organization adheres; Provision of guidance |
| Emergency services | Fire Safety; First aid provision |
| Staff dependents | Providing a safe working environment; Paying a fair rate for the job |
| Competitors | None |
| Business owners/shareholders/investors | Return on capital |
| Bank and/or other finance providers | Meeting repayment terms; Compliance with loan conditions |
| Business partners | Adherence to contractual agreements |
| Contractors | Adherence to contractual agreements |
| Internal Parties | Example Requirements |
| --- | --- |
| Staff including drivers, maintenance, administration, loading etc | Terms & conditions; Training & support; Safe working conditions; Continuity of employment; Opportunities for advancement |
| Contractors | Adherence to agreements |
| Business partners | Adherence to agreements |
| Workers’ (labour) representative | Terms & conditions for workers |