TPM-05.8—Third-Party Attestation (3PA)
Weight: 5
>Control Description
Mechanisms exist to obtain an attestation from an independent Third-Party Assessment Organization (3PAO) that provides assurance of conformity with specified statutory, regulatory and contractual obligations for cybersecurity and data protection controls, including any flow-down requirements to contractors and subcontractors.
>Cross-Framework Mappings
Canada ITSP 10.171
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
Nevada Regulation 5
Ask AI
Configure your API key to use AI features.