Skip to main content

SID-ORG-04 — Supplier and Third-Party Security

PropertyValue
Statusto_do
Owneroperator
Categorypolicy
CSF Functiongovern
GroupGovernance and Policy Controls

Description

Assess and manage information security risks from suppliers, including the SirosID platform provider (Siros Foundation). Maintain supplier agreements addressing security requirements, audit rights, incident notification, and SLAs. Monitor the ICT supply chain for compromised components (dependencies, libraries).

Audit Findings

FindingSeverityStatus
ISO-O-12 — Partial supply chain securitymediumopen