DS/ISO/IEC 27036-3:2023
Current
The latest, up-to-date edition.
Cybersecurity– Supplier relationships– Part3:Guidelines for hardware, software, and services supply chain security
20-06-2023
This document provides guidance for product and service acquirers, as well as suppliers of hardware, software and services, regarding: a)gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered hardware, software, and services supply chains; b)responding to risks stemming from this physically dispersed and multi-layered hardware, software, and services supply chain that can have an information security impact on the organizations using these products and services; c)integrating information security processes and practices into the system and software life cycle processes, as described inISO/IEC/IEEE 15288andISO/IEC/IEEE12207, while supporting information security controls, as described inISO/IEC27002.
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.