psjenkins/ISMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
870a576aa41f4352748d27ff98463e52fb324d9a
ISMS/04-registers/legal-and-regulatory-obligations-register-template.md
Paul Jenkins 5eade2d99b Initial commit
2026-03-26 09:35:22 +00:00

62 lines
2.2 KiB
Markdown
Raw Blame History

Title: Legal and Regulatory Obligations Register Template
Document ID: [REG-LEGAL-001]
Version: 0.1 Draft
Status: Draft
Owner: CISO (Paul Jenkins)
Approver: CISO (Paul Jenkins)
Classification: Internal
Effective date: [DD Month YYYY]
Review date: [DD Month YYYY]
# Legal and Regulatory Obligations Register Template
## Purpose
This template provides the structure for recording legal, regulatory, contractual, and other formal obligations relevant to the ISMS.
## Scope
This register applies to obligations affecting information security, privacy, records, supplier management, incident notification, service delivery, and other in-scope activities.
## Data Fields / Expected Columns
The register should record at least:
- obligation ID
- source or requirement name
- obligation type
- summary of requirement
- applicable business area
- owner
- jurisdiction or context
- review frequency
- compliance evidence reference
- status
- next review date
- notes
## Ownership
This register should be owned by [Role]. Individual obligations should have accountable owners responsible for assessing applicability and maintaining evidence.
## Update Frequency
The register should be updated when new obligations are identified, existing obligations change, or review outcomes alter applicability or evidence status.
## Retention
Records should be retained in line with document and records retention requirements and any applicable legal or audit expectations.
## Template Table
| Obligation ID | Source / Requirement Name | Obligation Type | Summary of Requirement | Applicable Area | Owner | Jurisdiction / Context | Review Frequency | Evidence Reference | Status | Next Review Date | Notes |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| [L-001] | [Law / Contract / Requirement] | [Legal / Regulatory / Contractual] | [Summary] | [Area] | [Role] | [UK / Customer / Multi-jurisdiction] | [Frequency] | [Policy / record / contract] | [Applicable / Under Review / Not Applicable] | [DD Month YYYY] | [Notes] |
## Related Documents
- Privacy and Data Protection Policy
- Records Retention and Disposal Policy
- Breach Notification Procedure
- Document and Records Control Standard
Reference in New Issue View Git Blame Copy Permalink