IAO-02.3: Third-Party Assessments

IAO-02.3 · Third-Party Assessments

Control Description

Mechanisms exist to accept and respond to the results of external assessments that are performed by impartial, external organizations.

Control Question

Assessment question for control validation

Does the organization accept and respond to the results of external assessments that are performed by impartial, external organizations?

Control Weighting

Validation Cadence

Semi-Annual

NIST CSF Function

Protect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 3 - Tactical

Core Control Designations

Special designations and baseline inclusions

MAD: IAO-02.3

Additional Metadata

Applicability (Process):