Guest user Created: Sep 29, 2021 Last commented: Sep 29, 2021

15.1. Control Document

I have previously had advise that individual control documents are available, which i have reviewed, but our auditor has specifically asked to develop a control document for 15.1.3 Information and communication technology supply chain, we already have a 15.1.1 and a 15.1.2. The supplier security policy appears to be more related to 15.1 but would it also cover policy required for ICT supplier arrangements as required in 15.1.3

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Sep 29, 2021

The template Supplier Security Policy was developed to also cover control A.15.1.3 (on sections 3.1 – Identifying risks, and 3.3 - Contracts).

To take a look to see if it can fulfill your needs, please access the free demo in this link: https://advisera.com/27001academy/documentation/supplier-security-policy/

This article will provide you a further explanation about supplier security:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Sep 29, 2021

Expert Advice Community