>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

Article 13.5Article 13.5

>Control Description

In the case of outsourced services, except for justified and documented cause, the organization providing said services must designate a POC (Point or Contact Person) for the security of the information processed and the service provided, who has the support of the management bodies, and that channels and supervises both compliance with the security requirements of the service it provides or solution it provides, as well as communications related to information security and incident management for the scope of said service. Said security POC will be the Security Manager of the contracted organization, will be part of its area or will have direct communication with it. All this without prejudice to the fact that the ultimate responsibility resides with the public sector entity receiving the aforementioned services.

>Cross-Framework Mappings

SCF

HRS-03
Compare
TPM-04
Compare
TPM-05.4
Compare

Ask AI

Configure your API key to use AI features.