TPM-04.2 ยท External Connectivity Requirements - Identification of Ports, Protocols & Services

Control Description

Mechanisms exist to require External Service Providers (ESPs) to identify and document the business need for ports, protocols and other services it requires to operate its Technology Assets, Applications and/or Services (TAAS).

Control Question
Assessment question for control validation

Does the organization require External Service Providers (ESPs) to identify and document the business need for ports, protocols and other services it requires to operate its Technology Assets, Applications and/or Services (TAAS)?

Control Weighting
7
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: TPM-04.2
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control