graphgrc

SCF - TPM-03 - Supply Chain Protection

Mechanisms exist to evaluate security risks associated with the services and product supply chain.

Mapped framework controls

GDPR

• Art 28.10
• Art 28.1
• Art 28.2
• Art 28.3
• Art 28.4
• Art 28.5
• Art 28.6
• Art 28.9

ISO 27002

• A.5.19
• A.5.21
• A.5.22
• A.8.30

NIST 800-53

• SR-2(1)
• SR-2

SOC 2

• CC9.1

Control questions

Does the organization evaluate security risks associated with the services and product supply chain?

This site is open source. Improve this page.