Relevant information security requirements should be established and agreed with each supplier based on the type of supplier relationship.
With this control in place organisations can help ensure that their information is adequately protected and that their expectations and requirements for information security are clearly communicated to their suppliers.
When addressing information security within supplier agreements, it is important for organisations to clearly define their expectations and requirements for protecting sensitive or confidential information. This can be done through the inclusion of specific clauses in the agreement that outline the responsibilities of both parties in relation to information security.Some specific clauses that organisations may consider including in supplier agreements to address information security are:
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.