πΌ ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan
- Contextual name: πΌ ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan
- ID:
/frameworks/nist-csf-v1.1/id-sc/03 - Located in: πΌ Supply Chain Risk Management (ID.SC)
Descriptionβ
Empty...
Similarβ
- Sections
/frameworks/iso-iec-27001-2013/15/01/01/frameworks/iso-iec-27001-2013/15/01/02/frameworks/iso-iec-27001-2013/15/01/03/frameworks/nist-sp-800-53-r4/sa/09/frameworks/nist-sp-800-53-r4/sa/11/frameworks/nist-sp-800-53-r4/sa/12
- Internal
- ID:
dec-c-5eed7e9c
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ ISO/IEC 27001:2013 β πΌ A.15.1.1 Information security policy for supplier relationships | ||||
| πΌ ISO/IEC 27001:2013 β πΌ A.15.1.2 Addressing security within supplier agreements | ||||
| πΌ ISO/IEC 27001:2013 β πΌ A.15.1.3 Information and communication technology supply chain | ||||
| πΌ NIST SP 800-53 Revision 4 β πΌ SA-9 EXTERNAL INFORMATION SYSTEM SERVICES | 5 | |||
| πΌ NIST SP 800-53 Revision 4 β πΌ SA-11 DEVELOPER SECURITY TESTING AND EVALUATION | 8 | |||
| πΌ NIST SP 800-53 Revision 4 β πΌ SA-12 SUPPLY CHAIN PROTECTION | 15 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v2.0 β πΌ GV.SC-05: Requirements to address cybersecurity risks in supply chains are established, prioritized, and integrated into contracts and other types of agreements with suppliers and other relevant third parties |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|