Reference Toolkit

7. Understanding the Needs and Expectations of Interested Parties

The interested parties that are relevant to the ISMS of XXX have been determined below
with their individual expectations.

External Parties Example Requirements

Legal Data Protection Act
Companies Act
Customer Type A ISO 27001 Compliance
99.9% Availability of Systems
Meeting SLA (4hr response – contact
centre)
Customer Type B PCI DSS Requirements 9 & 12
Meeting SLA (4hr response – contact
centre)
Insurer Meeting policy requirements
Payment of premiums
Reporting changes in circumstances
Suppliers Adherence to payment terms
Trade bodies/associations Membership requirements
Meeting standards to which the organization
adheres
Provision of guidance
Emergency services Fire Safety
First aid provision
Staff dependents Providing a safe working environment
Paying a fair rate for the job
Competitors None
Business owners/shareholders/investors Return on capital
Bank and/or other finance providers Meeting repayment terms
Compliance with loan conditions
Business partners Adherence to contractual agreements
Contractors Adherence to contractual agreements

Internal Parties Example Requirements

Staff including drivers, maintenance, Terms & conditions
administration, loading etc Training & support
Safe working conditions
Continuity of employment
Opportunities for advancement
Contractors Adherence to agreements
Business partners Adherence to agreements
Workers’ (labour) representative Terms & conditions for workers

ISM02201ENGX v1.0 Oct 2013 ©The British Standards Institution 2013 1 of 1