procurement
procurement Controls
3 controls across 1 framework.
NIST CSF
gv-sc-1
A cybersecurity supply chain risk management program is established
Govern / Cybersecurity Supply Chain Risk Management
high 8h
gv-sc-6
Due diligence is performed before entering into supplier relationships
Govern / Cybersecurity Supply Chain Risk Management
high 4h
id-ra-10
Critical suppliers are assessed prior to acquisition
Identify / Risk Assessment
high 6h