GV.SC-01:

A cybersecurity supply chain risk management program, strategy, objectives, policies, and processes are established and agreed to by organizational stakeholders

Implementation Examples

Ex1:

Establish a strategy that expresses the objectives of the cybersecurity supply chain risk management program

Ex2:

Develop the cybersecurity supply chain risk management program, including a plan (with milestones), policies, and procedures that guide implementation and improvement of the program, and share the policies and procedures with the organizational stakeholders

Ex3:

Develop and implement program processes based on the strategy, objectives, policies, and procedures that are agreed upon and performed by the organizational stakeholders

Ex4:

Establish a cross-organizational mechanism that ensures alignment between functions that contribute to cybersecurity supply chain risk management, such as cybersecurity, IT, operations, legal, human resources, and engineering

GV.SC-01:

A cybersecurity supply chain risk management program, strategy, objectives, policies, and processes are established and agreed to by organizational stakeholders

Implementation Examples

Ex1:

Ex2:

Ex3:

Ex4:

Peaches.Cloud

Quick Links

Contact

Support Our Research