Where A sub-processor is engaged, the exact same information security obligations from the deal in between the controller and processor must be imposed around the sub-processor by way of agreement or other “organisational actions.”[forty five] The processor will stay entirely liable for the controller for performance of the sub-processor’s obligations. https://userbookmark.com/story17646091/cyber-security-consulting-in-saudi-arabia