STA-06: Supply Chain Governance Reviews

CSF v1.1 References:

PF v1.0 References:

Next Version:

Info icon.

The next version of the control set incorporates all or part of this control into: STA-08: Supply Chain Risk Management.

Control Statement

Providers shall review the risk management and governance processes of their partners so that practices are consistent and aligned to account for risks inherited from other members of that partner’s cloud supply chain.

[ Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.