ISM-0072Active

Control: ism-0072

Control Statement

Security requirements associated with the confidentiality, integrity and availability of data are documented in contractual arrangements with service providers and reviewed on a regular and ongoing basis to ensure they remain fit for purpose.

Location

Guideline: Guidelines for procurement and outsourcing
Section: Managed services and cloud services
Topic: Contractual security requirements with service providers

Control Details

Identifier: ISM-0072
Revision: 9
Updated: Dec-22
Type: Control

Classification Applicability

NCOSPSTS

Essential Eight

N/A

EquivalentPartialRelated

AESCSF

AESCSF-THIRD-PARTIES-2erelatedvia aescsf-reference

AESCSF-THIRD-PARTIES-2frelatedvia aescsf-reference

AESCSF-THIRD-PARTIES-2hrelatedvia aescsf-reference

AESCSF-THIRD-PARTIES-2irelatedvia aescsf-reference

AESCSF-THIRD-PARTIES-2jrelatedvia aescsf-reference

View in graph Report an issue

← Back to Contractual security requirements with service providers

Control: ism-0072

Control Statement

Location

Control Details

Classification Applicability

Essential Eight

Cross-Framework Mappings14

Control: ism-0072

Control Statement

Location

Control Details

Classification Applicability

Essential Eight

Cross-Framework Mappings14