graphgrc

SCF - TPM-04 - Third-Party Services

Mechanisms exist to mitigate the risks associated with third-party access to the organization’s systems and data.

Mapped framework controls

ISO 27002

• A.5.19
• A.8.30

NIST 800-53

• SA-9

SOC 2

• CC3.3

Control questions

Does the organization mitigate the risks associated with third-party access to the organization’s systems and data?

This site is open source. Improve this page.