TPM-08—Review of Third-Party Services
Weight: 9
>Control Description
Mechanisms exist to monitor, regularly review and assess External Service Providers (ESPs) for compliance with established contractual requirements for cybersecurity and data protection controls.
>Cross-Framework Mappings
NIST AI RMF
Canada ITSP 10.171
New Zealand HISF
SOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
GLBA (16 CFR 314)
NY DFS 23 NYCRR 500
Ask AI
Configure your API key to use AI features.