As discussed with you during my meeting with you, I have 2 non-conformities for my ISO 27001 audit. One of them was A.15.2 - Supplier Relationship. We failed on A15.2.1 - Auditor notes "No evidence of monitoring and review of supplier services."
I read your blog on risk mitigation - https://advisera.com/27001academy/blog/2016/05/16/4-mitigation-options-risk-treatment-according-iso-27001/
My question for you is that we have Insurance. Can we transfer the risk of A15.2 using the insurance? Please let me know.