Vision
Establishment
Procedures
Implementation
Monitoring
Messages
About ISMS
Why ISMS
Implementation
Role of Mgt.
Training
Security Forum
Success Factors
PDCA Model
Learn ISMS

EXTERNAL PARTIES

Objective:
 To devise out appropriate mechanism and system to govern external parties’ interaction based on business requirements

To ensure the security requirements and controls for accessing information processing facilities and information assets by the external parties

Scope:
Covers security requirements and controls for external or third parties only and proposes controls for access to information assets and information processing facilities only

Description:
 Evaluation of risks associated with external parties through RAP

Authorized access to KKI network, information assets and informational processing facilities

Security issues while dealing with customers have been assessed in Risk Assessment Plans

SLA explicitly defining security clauses have been signed with all external parties and their renewal and expiry is monitored through contract renewal and expiry procedure

Regular reviews of external parties to check their services and ensure their compliance with stated security requirements

Any changes in service requirements from KKI or from external parties are controlled through revision of SLAs and subsequent information to all interested parties