Help
Category
:
Supply Chain Risk Management (ID.SC)
From GCA ACT
Jump to navigation
Jump to search
Subcategories
This category has the following 5 subcategories, out of 5 total.
I
ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
(1 P)
ID.SC-2: Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process
(1 P)
ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.
(1 P)
ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.
(1 P)
ID.SC-5: Response and recovery planning and testing are conducted with suppliers and third-party providers
(1 P)
Category
:
IDENTIFY (ID)
Navigation menu
Page actions
Category
Discussion
Read
View source
History
Page actions
Category
Discussion
More
Tools
Personal tools
Create account
Log in
Navigation
ACT Home
Find Your Community
Report Cybercrime
Top Threats
Enhanced Protection
Advanced Security
Get Help
GET INVOLVED
Terms of Use
UCoC
Disclaimers
Privacy Policy
Help about MediaWiki
Search
Tools
What links here
Related changes
Special pages
Printable version
Permanent link
Page information
Browse properties