+ISMS.1.A5 Contract Design When Appointing an External Chief Information Security Officer [Top Management] (B)

1. Übersicht

ISMS.1.A5 Contract Design When Appointing an External Chief Information Security Officer [Top Management] (B)

An organisation's Top Management MUST appoint an external Chief Information Security
Officer (CISO) if the role of CISO cannot be filled by an internal employee. The contract with
the external CISO MUST include all the tasks of the CISO and their related rights and
obligations. The contract MUST include an appropriate confidentiality agreement. The
contract MUST ensure that the corresponding relationship is terminated in an orderly fashion,
including with regard to the handover of tasks back to the organisation in question.

Bezeichnung	Standard

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

ITGC -
Bundesamt für Sicherheiter in der Informationstechnik - IT-Grundschutzkompendium Stand 2022