TPM-02—Third-Party Criticality Assessments

Weight: 9

>Control Description

Mechanisms exist to identify, prioritize and assess suppliers and partners of critical Technology Assets, Applications and/or Services (TAAS) using a supply chain risk assessment process relative to their importance in supporting the delivery of high-value services.

>Control Description

>Cross-Framework Mappings

NIST SP 800-53 r5

NIST CSF 2.0

CIS Controls v8

SOC 2 TSC

FedRAMP Rev 5

Canada ITSP 10.171

Australia ISM

India SEBI Guidelines

EU DORA

SOC 2 TSC (Detailed)

CIS Controls v8.1 (Detailed)

IMO Maritime Cyber Risk

ISO 27002:2022

NIST SP 800-161

NIST SP 800-171 Rev 3

SPARTA

Data Privacy Management Principles

CISA CPG

FCA CRM

GLBA (16 CFR 314)

HIPAA Simplification 2013

SEC Cybersecurity Rule

NY DFS 23 NYCRR 500

Ask AI