Periodically review the organization's supply chain partners' IT governance policies and procedures.
Reviews should validate alignment with applicable industry standards as well as service and contract requirements.
- Examine the policy for review of supply chain partners governance of IT.
- Determine if the right to review is incorporated contractually.
- Evaluate whether such a review cycle is operating within the organization.
[csf.tools Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]
Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.