13.1.2 Security of network services
Assign topic to the user
ISO 27001 SUPPLIER SECURITY POLICY
Define how suppliers and partners need to keep your information safe.
Get it now 
ISO 27001 SUPPLIER SECURITY POLICY
Define how suppliers and partners need to keep your information safe.
Get it now
ISO 27001 SUPPLIER SECURITY POLICY
Define how suppliers and partners need to keep your information safe.
Get it now
Answer:
The process is very similar as with other assets - you have to assess the risks related to the network and find appropriate controls. Some of the controls you might apply yourself, and some controls you might outsource to a supplier - this is what you have to state in Statement of Applicability. Make sure you specify all the obligations of this supplier in the agreement.
These article might help you:
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Comment as guest or Sign in
Apr 02, 2016