A.5.20 — Addressing information security within supplier agreements
This control addresses information security requirements within supplier agreements. Measures include explicit contract clauses, compliance audits, and defined penalties for violations.
| Property | Value |
|---|---|
| Section | process |
| Owner | operator |
Mapped Controls
| Control | Title |
|---|---|
| SID-ORG-04 | Supplier and Third-Party Security |
Source: ISO/IEC 27001:2022 Annex A