💼 ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan
- Contextual name: 💼 ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan
- ID:
/frameworks/nist-csf-v1.1/id-sc/03 - Located in: 💼 Supply Chain Risk Management (ID.SC)
Description​
Empty...
Similar​
- Sections
/frameworks/iso-iec-27001-2013/15/01/01/frameworks/iso-iec-27001-2013/15/01/02/frameworks/iso-iec-27001-2013/15/01/03/frameworks/nist-sp-800-53-r4/sa/09/frameworks/nist-sp-800-53-r4/sa/11/frameworks/nist-sp-800-53-r4/sa/12
- Internal
- ID:
dec-c-5eed7e9c
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 ISO/IEC 27001:2013 → 💼 A.15.1.1 Information security policy for supplier relationships | ||||
| 💼 ISO/IEC 27001:2013 → 💼 A.15.1.2 Addressing security within supplier agreements | ||||
| 💼 ISO/IEC 27001:2013 → 💼 A.15.1.3 Information and communication technology supply chain | ||||
| 💼 NIST SP 800-53 Revision 4 → 💼 SA-9 EXTERNAL INFORMATION SYSTEM SERVICES | 5 | |||
| 💼 NIST SP 800-53 Revision 4 → 💼 SA-11 DEVELOPER SECURITY TESTING AND EVALUATION | 8 | |||
| 💼 NIST SP 800-53 Revision 4 → 💼 SA-12 SUPPLY CHAIN PROTECTION | 15 |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST CSF v2.0 → 💼 GV.SC-05: Requirements to address cybersecurity risks in supply chains are established, prioritized, and integrated into contracts and other types of agreements with suppliers and other relevant third parties |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|