PRI-07.3 ยท Obligation To Inform Third-Parties

Control Description

Mechanisms exist to inform applicable third-parties of any modification, deletion or other change that affects shared Personal Data (PD).

Control Question
Assessment question for control validation

Does the organization inform applicable third-parties of any modification, deletion or other change that affects shared Personal Data (PD)?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Additional Metadata
Applicability (Process):
x