💼 A.15.1.2 Addressing security within supplier agreements

• Contextual name: 💼 A.15.1.2 Addressing security within supplier agreements
• ID: /frameworks/iso-iec-27001-2013/15/01/02
• Located in: 💼 A.15.1 Information security in supplier relationships

Description

All relevant information security requirements shall be established and agreed with each supplier that may access, process, store, communicate, or provide IT infrastructure components for, the organization’s information.

Similar

• Internal
  • ID: dec-c-05ebc46f

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.BE-1: The organization's role in the supply chain is identified and communicated
💼 NIST CSF v1.1 → 💼 ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
💼 NIST CSF v1.1 → 💼 ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags