TPM-11 ยท Third-Party Incident Response & Recovery Capabilities

Control Description

Mechanisms exist to ensure response/recovery planning and testing are conducted with critical suppliers/providers.

Control Question
Assessment question for control validation

Does the organization ensure response/recovery planning and testing are conducted with critical suppliers/providers?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: TPM-11
ESP Level 1: TPM-11
ESP Level 2: TPM-11
ESP Level 3: TPM-11
Additional Metadata
Applicability (Process):
x