>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SP-03Exceptions from Existing Policies and Instructions

>Control Description

Exceptions to the policies and instructions for information security as well as respective controls go through the OIS-06 risk management process, including approval of these exceptions and acceptance of the associated risks by the risk owners. The approvals of exceptions are documented, limited in time and are reviewed for appropriateness at least annually by the risk owners. Additional criteria: -

Ask AI

Configure your API key to use AI features.