SID-ORG-05 — Legal, Regulatory, and Contractual Compliance
| Property | Value |
|---|---|
| Owner | operator |
| Category | policy |
| CSF Function | govern |
| Group | Governance and Policy Controls |
Description
Identify and document all applicable legal, statutory, regulatory, and contractual requirements. For the EUDI wallet: eIDAS 2.0, GDPR, CIR 2024/2981, and national implementation acts. Maintain a compliance register and conduct periodic reviews. Ensure intellectual property rights are respected (AGPL for CISO Assistant, platform license terms).
Framework Requirements
EUDI Security Requirements: CS-II.1-Surv
ISO 27001 Annex A: A.5.5, A.5.6, A.5.31, A.5.32, A.5.35, A.5.36
GDPR Checklist: Have a legal justification