3.1.6 Regulatory Compliance
| No: 43028139 | Date(g): 4/11/2021 | Date(h): 29/3/1443 |
Effective from 2021-11-04 - Nov 03 2021
To view other versions open the versions tab on the right
Principle
Relevant regulations including data privacy should be identified, communicated and complied which are affecting IT operations of the Member Organizations.
Control Requirements
| 1. | Member Organizations should establish a process ensuring compliance with IT related regulatory requirements. The process of ensuring compliance should: | |
| a. | be performed periodically or when new regulatory requirements become effective; | |
| b. | involve representatives from key areas of the Member Organization; | |
| c. | result in the update of IT policy, standards and procedures to accommodate any necessary changes (if applicable); and | |
| d. | maintain an up-to-date log of all relevant legal, regulatory and contractual requirements; their impact and required actions. | |