| Article 11 |
(Management of Change of Service)
If information security is impacted by a change of a service rendered by an information service supplier, the project officer of the organization shall conduct a risk assessment, e.g., impact analysis of confidentiality, integrity, and availability, ISO 27001 risk assessment, with regard to the service changed.
|
|