
ISO/IEC 27036

Information security for supplier relationships

Organization: ISO/IEC
Category: Supply Chain Security
Related Articles: 1
Articles with Obligations: 4
Key Sections: 4
Coverage Areas: 8

Overview

Provides guidance on information security in supplier relationships, including supply chain security. Addresses how to secure information and ICT supply chains.

Applicability

Supplier and supply chain security management

Relevance to Network and Information Security Directive (NIS2)

Key Coverage Areas

1. Supplier risk assessment
2. Supply chain security requirements
3. Supplier security agreements
4. Third-party security controls
5. Supply chain visibility
6. Supplier monitoring and auditing
7. Incident response with suppliers
8. Secure procurement processes

Standard Sections & Chapters

Part-1: Overview and concepts

Part-2: Requirements

Part-3: ICT supply chain security

Part-4: Cloud services

Related Network and Information Security Directive (NIS2) Articles

Article 28: Database of domain name registration data

Sections: Part-2, Part-3

ICT supply chain security requirements

Implementation Guidance:

Assess and manage supplier cybersecurity risks throughout lifecycle

Quick Information

Organization: ISO/IEC
Category: Supply Chain Security
Certification: Not available
