💼 SR-8 Notification Agreements

Contextual name: 💼 SR-8 Notification Agreements
ID: /frameworks/nist-sp-800-53-r5/sr/08
Located in: 💼 SR Supply Chain Risk Management

Description

Establish agreements and procedures with entities involved in the supply chain for the system, system component, or system service for the [Selection (one or more): notification of supply chain compromises; results of assessments or audits; [Assignment: organization-defined information]].

Similar

Internal
- ID: dec-c-032b0601

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 SR-8 Notification Agreements (L)(M)(H)
💼 FedRAMP Low Security Controls → 💼 SR-8 Notification Agreements (L)(M)(H)
💼 NIST CSF v2.0 → 💼 GV.OC-02: Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered			7
💼 NIST CSF v2.0 → 💼 GV.SC-08: Relevant suppliers and other third parties are included in incident planning, response, and recovery activities			1
💼 NIST CSF v2.0 → 💼 RC.CO-03: Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders			1
💼 NIST CSF v2.0 → 💼 RS.CO-02: Internal and external stakeholders are notified of incidents			30
💼 NIST CSF v2.0 → 💼 RS.CO-03: Information is shared with designated internal and external stakeholders			18
💼 NIST CSF v2.0 → 💼 RS.MA-01: The incident response plan is executed in coordination with relevant third parties once an incident is declared			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections