Cybersecurity Supply Chain Risk Management (C-SCRM) is the process of identifying, assessing, responding to and monitoring cybersecurity risks that originate from suppliers, vendors, service providers, software, hardware and other third-party dependencies.
The ComplianceForge C-SCRM template package supports organizations that need an editable strategy and implementation plan for managing supply chain cybersecurity risk. C-SCRM should address supplier due diligence, contractual security requirements, third-party risk assessments, software and technology acquisition risks, incident notification expectations and ongoing supplier monitoring.
