Describes requirements for a resilience management policy in the supply chain to enable an organization to develop and implement policies, objectives, and programs, taking into account: - legal, regulatory and other requirements to which the organization subscribes, - information about significant risks, hazards and threats that may have consequences to the organization, its stakeholders, and on its supply chain, - protection of its assets and processes, and - management of disruptive incidents.