#iso27001/2022/EN

## 7.4 Communication

The organization shall determine the need for internal and external communications relevant to the information security management system including:

a\) on what to communicate;

b\) when to communicate;

c\) with whom to communicate;

d\) how to communicate.