>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CA-2Control Assessments

>Control Description

Ensure that the control assessment plan incorporates relevant C-SCRM controls and control enhancements. The control assessment should cover the assessment of both information systems and the supply chain and ensure that an enterprise-relevant baseline set of controls and control enhancements are identified and used for the assessment. Control assessments can include information from supplier audits, reviews, and supply chain-related information. Enterprises should develop a strategy for collecting information, including a strategy for engaging with providers on supply chain risk assessments. Such collaboration helps enterprises leverage information from providers, reduce redundancy, identify potential courses of action for risk responses, and reduce the burden on providers. CSCRM personnel should review the control assessment.

>Cross-Framework Mappings

SCF

CPL-03.2
Compare
IAO-06
Compare
PRM-04
Compare
IAO-02
Compare
CPL-03
Compare

Ask AI

Configure your API key to use AI features.