>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

DM-03Terms of Service

>Control Description

Consent is obtained for Organization's Terms of Service (ToS) prior to collecting personal information and when the ToS is updated.

Theme

Process

Type

Preventive

Policy/Standard

Data Management Policy

>Implementation Guidance

1. Ensure that organizations Terms of Service are defined and documented. 2. Ensure that a process is defined for updating the Terms of Service which includes recapturing of consent. 3. Ensure that the consent is taken for the Terms of Service prior to collecting personal information.

>Testing Procedure

1. Inspect and validate whether Terms of Service are defined and documented for the organization. 2. Inspect whether the Terms of Service are updated periodically and ensure that consent is recaptured after updates. 3. For sample of customers validate whether consent was obtained before collection of personal information.

>Audit Artifacts

E-DM-04
E-DM-05
E-DM-06

Ask AI

Configure your API key to use AI features.