InfoSec Insider

ISO 27001 Supplier Management Controls



In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, breaks down the 5 supplier management-related controls in the ‘Organisational’ control theme of ISO 27001’s Annex A. Wayne draws upon 30+ years of experience with information security to discuss:

  • Why your organisation should consider supplier management as part of information security
  • What each of the following 5 controls covers and how to implement them:
      • A5.19 – Information security in supplier relationships
      • A5.20 – Addressing information security within supplier relationships
      • A5.21 – Managing information security in the ICT supply chain
      • A5.22 – Monitoring, review and change management of supplier services
      • A5.23 – Information security for use of cloud services

Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-supplier-management

If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts

Brought to you by URM, the UK’s leading information and cyber security specialists.


InfoSec Insider, by URM Consulting