Color logo - no background.png

Advancement through Cyber Resilience

-
EN

Supplier ASsessment

Does the supplier’s contract include adequate clauses covering non-disclosure of the Customer Information?

Does the supplier’s contract include the following list of Information Security controls?

  • Data at-rest and in-transit protection

  • Information Security awareness training for all staff with access to the Customer Information

  • Cryptographic key management system

  • Customer data breach notification

  • Secure processes for management and disposal of Customer Information

  • Limited access to the Customer Information based on the “Need to Know” and “Least Privilege” principles

a
a

Have you ever assessed the supplier's Information Security capabilities over the environment containing the Customer Information according to the requirements of an accepted security framework (e.g., ISO 27001, NIST Cybersecurity, PCI-DSS)?

Did the assessment include reviewing evidence of control implementation?
a

Have you noticed any unresolved control weakness within the supplier environment that could have a major impact on the confidentiality or availability of the Customer Information?

(optional)

Acknowledgement

Please fill in all the mandatory fields!

Supplier Primary Contact

(optional)

required only when request for assessment!

(optional)

required only when request for assessment!

(optional)

Supplier Access

What category of data is the supplier held or have access to?

(Select if applicable)

arrow&v

Should the audit function review the evidence of control implementation?

arrow&v

(optional)

Please select data/system exposure tier by the supplier

Please review the calculated supplier criticality and click on Submit button to complete the form.

Please fill in all the mandatory fields!

loading_apple.gif

Sorry, you don't have permission to perform this activity. Please contact us if you need assistance! 

Supplier Profile

arrow&v

Supplier Primary Contact

(optional)

required only when request for assessment!

(optional)

required only when request for assessment!

(optional)

arrow&v
arrow&v

Supplier Profile

(optional)

(optional)

Upload Contract

View Contract

(optional)

Are you sure you want to permanently delete this supplier?

© 2021 Secure Forte Pty Ltd.

Version 2021.11.20

-
EN