ID.RA-10:
Critical suppliers are assessed prior to acquisition
Implementation Examples
Ex1:
Conduct supplier risk assessments against business and applicable cybersecurity requirements, including the supply chain
Conduct supplier risk assessments against business and applicable cybersecurity requirements, including the supply chain