>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IA-1Policy And Procedures

>Control Description

The enterprise should – at enterprise-defined intervals – review, enhance, and update their identity and access management policies and procedures to ensure that critical roles and processes within the supply chain network are defined and that the enterprise’s critical systems, components, and processes are identified for traceability. This should include the identity of critical components that may not have been considered under identification and authentication in the past. Note that providing identification for all items within the supply chain would be cost-prohibitive, and discretion should be used. The enterprise should update related C-SCRM Strategy/Implementation Plan(s), Policies, and C-SCRM Plans.

>Cross-Framework Mappings

SCF

GOV-03
Compare
IAC-01
Compare
GOV-02
Compare

Ask AI

Configure your API key to use AI features.