In this article we lay bare the ISO27001 Legal Register, exposing the insider trade secrets, giving you the templates that will save you hours of your life and showing you exactly what you need to do to satisfy it for ISO27001 certification. We show you exactly what changed in the ISO27001:2022 update. I am Stuart Barker, the ISO27001 Ninja, and this is the ISO27001 Legal Register.
What is an ISO 27001 Legal Register?
The ISO 27001 legal and contractual register is used to identify which laws apply to your organisation, what contractual requirements customers have placed on you, what regulatory requirements there may be and what standards you are working towards. It is used to evidence that they have been reviewed, agreed and signed off, and to show when they will next be reviewed. All of these will inform and influence your information security management system.
ISO 27001 Legal Register Template
The ISO 27001 legal register template can save a lot of time, being prewritten and pre-filled with best practice.
ISO 27001 requirements for the legal register
ISO 27001 Annex A 5.31 Legal, statutory, regulatory and contractual requirements requires a legal register. It states:
‘Legal, statutory, regulatory and contractual requirements relevant to information security and the organization’s approach to meet these requirements should be identified, documented and kept up to date.’
ISO 27001 Annex A 5.31
ISO 27001 Legal and Contractual Register Walkthrough
In this short tutorial we show you how to create and use a legal and contractual register yourself.
Legal and Contractual Register FAQ
It is a document that lists the applicable laws and customer contractual requirements on your organisation.
It is used to show what laws and contractual requirements apply to your organisation and evidences that you are aware of them and have reviewed them. These will inform and influence your information security management system.
It includes a list of laws and customer requirements on information security that apply to your organisation with the date they were last reviewed and the date they will next be reviewed.
A legal and contractual register template can be downloaded here: https://hightable.io/product/legal-and-contractual-requirements-register/
ISO 27001 Annex A 5.31 Legal, statutory, regulatory and contractual requirements requires a legal register. It states: ‘Legal, statutory, regulatory and contractual requirements relevant to information security and the organization’s approach to meet these requirements should be identified, documented and kept up to date.’