💼 SR-8 Notification Agreements

ID: /frameworks/nist-sp-800-53-r5/sr/08

Description

Establish agreements and procedures with entities involved in the supply chain for the system, system component, or system service for the [Selection (one or more): notification of supply chain compromises; results of assessments or audits; [Assignment: organization-defined information]].

Similar

Internal
- ID: dec-c-032b0601

Similar Sections (Give Policies To)

Section	Policies	Compliance
💼 FedRAMP High Security Controls → 💼 SR-8 Notification Agreements (L)(M)(H)		no data
💼 FedRAMP Low Security Controls → 💼 SR-8 Notification Agreements (L)(M)(H)		no data
💼 NIST CSF v2.0 → 💼 GV.OC-02: Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered	7	no data
💼 NIST CSF v2.0 → 💼 GV.SC-08: Relevant suppliers and other third parties are included in incident planning, response, and recovery activities	1	no data
💼 NIST CSF v2.0 → 💼 RC.CO-03: Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders	1	no data
💼 NIST CSF v2.0 → 💼 RS.CO-02: Internal and external stakeholders are notified of incidents	31	no data
💼 NIST CSF v2.0 → 💼 RS.CO-03: Information is shared with designated internal and external stakeholders	19	no data
💼 NIST CSF v2.0 → 💼 RS.MA-01: The incident response plan is executed in coordination with relevant third parties once an incident is declared	1	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections