5.5 Contact with Authorities

Control

The organisation should establish and maintain contact with relevant authorities.

Purpose

Law Enforcement, regulatory bodies, and supervisory authorities play tremendous roles in helping an organisation prevent cyber incidents. Also, they help to recover from cyber incidents in case an organisation is affected by one. Therefore, organisations must establish and maintain contact with these entities.

Implementation Guidance

However, this list is not exhaustive; the number of policies and content of each will sometimes vary from one organisation to another. The requirements of documented policies will often depend on factors such as business activities, risk level, types of information processed, and the effectiveness of other controls in place.

ISO 27001

Find out more about our ISO 27001 Consultancy Services
ISO 27001 Consultancy
< Back to Controls
ISO 27001:2022

Organisational Controls

AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!

Got a question or need help? Don't hesitate to reach out to our team.

Need help with an ISO?

By filling out this form, you agree to the terms laid out in our privacy policy
Thanks, We'll reply asap
Request Failed to send, please check fields

27002:2022 Related Controls

CLick to view control
5.1 Policies for Information Security
5.2 Information Security Roles and Responsibilities
5.3 Segregation of Duties
5.4 Management Responsibilities
5.5 Contact with Authorities
5.6 Contact with Special Interest Groups
5.7 Threat Intelligence
5.8 Information Security in Project Management
5.9 Inventory of Information and Other Associated Assets
5.10 Acceptable use of Information and Other Associated Assets
5.11 Return of Assets
5.12 Classification of information
5.13 Labelling of Information
5.14 Information Transfer
5.15 Access Control
5.16 Identity Management
5.17 Authentication Information
5.18 Access Rights
5.19 Information Security in Supplier Relationships
5.20 Addressing Information Security Within Supplier Agreements
5.21 Managing Information Security in the ICT Supply Chain
5.22 Monitoring, Review and Change Management of Supplier Services
5.23 Information Security For The Use of Cloud Services
5.24 Information Security Incident Management Planning and Preparation
5.25 Assessment and Decision on Information Security Events
5.26 Response to IS Incidents
5.27 Learning from Information Security Incidents
5.28 Collection of Evidence
5.29 Information Security During Disruption
5.30 ICT Readiness for Business Continuity
5.31 Legal, Statutory, Regulatory and Contractual Requirements
5.32 Intellectual Property Rights
5.33 Protection of Records
5.34 Privacy and Protection of PII
5.35 Independent Review of Information Security
5.36 Compliance with Policies, Rules and Standards for Information Security
5.37 Documented Operating Procedures
ask a question

If you would like to know more about ISO Standards, Certification and the value of a good management system you can add to your business we would love to hear from you: Kent: 01892 800476 | London: 02037 458 476 | info@avisoconsultancy.co.uk

By filling out this form, you agree to the terms laid out in our privacy policy
Thank you!
Your submission has been received, one of our team members will be in touch soon.
Oops! Something went wrong while submitting the form.
ISO consultants kent
By clicking “Continue To Site”, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Continue To Site