
ISO/IEC 27036

Information security for supplier relationships

Organization: ISO/IEC
Category: Supply Chain Security

Related Articles: 1
Articles with Obligations: 1
Key Sections: 4
Coverage Areas: 8

Overview

ISO/IEC 27036 provides guidance on information security in supplier relationships, including supply chain security. It addresses how to secure information and ICT supply chains.

Applicability

Supplier and supply chain security management

Relevance to Cyber Resilience Act (CRA)

Essential for CRA supply chain security requirements and component sourcing

Key Coverage Areas

1. Supplier risk assessment
2. Supply chain security requirements
3. Supplier security agreements
4. Third-party security controls
5. Supply chain visibility
6. Supplier monitoring and auditing
7. Incident response with suppliers
8. Secure procurement processes

Standard Sections & Chapters

Part-1

Overview and concepts

Part-2

Requirements

Part-3

ICT supply chain security

Part-4

Cloud services

Related Cyber Resilience Act (CRA) Articles

Article 21: Cases in which obligations of manufacturers apply to importers and distributors

Sections: Part-2, Part-3

ICT supply chain security requirements

Implementation Guidance:

Implement supplier security requirements, assessments, and monitoring

Quick Information

Organization: ISO/IEC
Category: Supply Chain Security
Certification: Not available
