💼 A.15.1.3 Information and communication technology supply chain

• Contextual name: 💼 A.15.1.3 Information and communication technology supply chain
• ID: /frameworks/iso-iec-27001-2013/15/01/03
• Located in: 💼 A.15.1 Information security in supplier relationships

Description

Agreements with suppliers shall include requirements to address the information security risks associated with information and communications technology services and product supply chain.

Similar

• Internal
  • ID: dec-c-97d07430

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.BE-1: The organization's role in the supply chain is identified and communicated
💼 NIST CSF v1.1 → 💼 ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
💼 NIST CSF v1.1 → 💼 ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags