|Description||Third Party and Supply Chain Management: Service Providers, Network Operators, and Equipment Suppliers should ensure supply chain security by having security language in their contracts and periodic risk assessments on their 3rd party verifing the outside party's security practices.|
|Network Type(s)||Cable; Internet/Data; Satellite; Wireless; Wireline|
|Industry Role(s)||Service Provider; Network Operator; Equipment Supplier|
|Keyword(s)||Cyber Security;Intrusion Detection;Policy;Training and Awareness;|
|Reference/Comments||NIST 800-53 revision 3: Recommended Security Controls for Federal Information Systems and Organizations security control catalogue.
NIST IR-7622, DRAFT Piloting Supply Chain Risk Management Practices for Federal Information Systems
Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing V2.1