Skip to main content

💼 ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders

ID: /frameworks/nist-csf-v1.1/id-sc/01

Description

Empty...

Similar

Sections
- /frameworks/nist-sp-800-53-r4/sa/09
- /frameworks/nist-sp-800-53-r4/sa/12
- /frameworks/iso-iec-27001-2013/15/01/01
- /frameworks/iso-iec-27001-2013/15/01/02
- /frameworks/iso-iec-27001-2013/15/01/03
- /frameworks/iso-iec-27001-2013/15/02/01
- /frameworks/iso-iec-27001-2013/15/02/02
Internal
- ID: dec-c-fb2f0b5d

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 ISO/IEC 27001:2013 → 💼 A.15.1.1 Information security policy for supplier relationships					no data
💼 ISO/IEC 27001:2013 → 💼 A.15.1.2 Addressing security within supplier agreements					no data
💼 ISO/IEC 27001:2013 → 💼 A.15.1.3 Information and communication technology supply chain					no data
💼 ISO/IEC 27001:2013 → 💼 A.15.2.1 Monitoring and review of supplier services					no data
💼 ISO/IEC 27001:2013 → 💼 A.15.2.2 Managing changes to supplier services					no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-9 EXTERNAL INFORMATION SYSTEM SERVICES	5				no data
💼 NIST SP 800-53 Revision 4 → 💼 SA-12 SUPPLY CHAIN PROTECTION	15				no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v2.0 → 💼 GV.RM-05: Lines of communication across the organization are established for cybersecurity risks, including risks from suppliers and other third parties					no data
💼 NIST CSF v2.0 → 💼 GV.SC-01: A cybersecurity supply chain risk management program, strategy, objectives, policies, and processes are established and agreed to by organizational stakeholders					no data
💼 NIST CSF v2.0 → 💼 GV.SC-02: Cybersecurity roles and responsibilities for suppliers, customers, and partners are established, communicated, and coordinated internally and externally					no data
💼 NIST CSF v2.0 → 💼 GV.SC-06: Planning and due diligence are performed to reduce risks before entering into formal supplier or other third-party relationships					no data
💼 NIST CSF v2.0 → 💼 GV.SC-09: Supply chain security practices are integrated into cybersecurity and enterprise risk management programs, and their performance is monitored throughout the technology product and service life cycle					no data
💼 NIST CSF v2.0 → 💼 GV.SC-10: Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections