Category:Supply Chain Risk Management (ID.SC)

From GCA ACT

Revision as of 03:24, 23 October 2023 by Globalcyberalliance (talk | contribs) (Created via script)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Subcategories

This category has the following 5 subcategories, out of 5 total.

I

ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders‎ (1 P)
ID.SC-2: Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process‎ (1 P)
ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.‎ (1 P)
ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.‎ (1 P)
ID.SC-5: Response and recovery planning and testing are conducted with suppliers and third-party providers‎ (1 P)

Retrieved from ‘https://act.gcai.dev/index.php?title=Category:Supply_Chain_Risk_Management_(ID.SC)&oldid=4467’

IDENTIFY (ID)

Navigation menu