SA-9(5)—Processing, Storage, And Service Location
>Control Description
The location may be under the control of the suppliers, developers, system integrators, external system service providers, and other ICT/OT-related service providers. Enterprises should assess C-SCRM risks associated with a given geographic location and apply an appropriate risk response, which may include defining locations that are or are not acceptable and ensuring that appropriate protections are in place to address associated C-SCRM risk.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.