Blog supplier
Supplier management in ISO 27001
Since suppliers often have access to information assets that are critical to business operations, the ISO 27001 standard dedicates a full set of organizational controls (5.19–5.23) to managing information security risks in supplier relationships. In this article, we explain these controls and provide a supplier register template.
Pavlo Burda
Register of suppliers – free template
Suppliers come in all shapes and sizes: utilities, cloud platforms, office facilities, email providers, equipment maintenance, accountants, freelancers, PEN-testers and last but not least, information security consultants like ICT Institute. Your relationship with them should include information security considerations. The security requirements for suppliers depends on the service or product they provide. Your outsourced HR…
Sieuwert van Otterloo