Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
GV.SC-10.1: Cybersecurity supply chain risk management plans shall include actions and respon- sibilities for managing risks that may arise after a supplier relationship or service agreement has ended. |
|
GV.SC-10.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p42 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that residual cybersecurity and information security risks are effectively addressed after supplier relationships end, thereby preventing disruptions, data exposure, and vulnerabilities in operational and OT environments. To achieve this goal:</p><ul><li>Plan for Termination of the Relationship Formal offboarding procedures should be defined for ending supplier relationships under both normal and adverse conditions, including breach, insolvency, or security incidents.</li><li>Ensure Secure Transition or Exit Transition plans should be developed for critical services, to maintain continuity and address supply chain resilience, including fallback suppliers or internal alternatives.</li><li>Revoke Access and Secure Data Supplieraccess to systems, networks, and data should be promptlyrevoked.All credentials and remote access tools should be deactivated or removed.</li><li>Protect Organisational Assets Devices, storage media, and documents containing organisational data should be securely returned or sani- tised. Controls should prevent unauthorised retention or leakage of sensitive information.</li><li>Address Component Obsolescence Plans should be in place to manage end-of-life components or services, ensuring continued support or secure replacements, especially for OT systems.</li><li>Monitor Residual Risks Post-termination risks should be identified, assessed, and escalated to senior management when necessary. These risks should be tracked within the enterprise risk management process.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that residual cybersecurity and information security risks are effectively addressed after supplier relationships end, thereby preventing disruptions, data exposure, and vulnerabilities in operational and OT environments. To achieve this goal: • Plan for Termination of the Relationship Formal offboarding procedures should be defined for ending supplier relationships under both normal and adverse conditions, including breach, insolvency, or security incidents. • Ensure Secure Transition or Exit Transition plans should be developed for critical services, to maintain continuity and address supply chain resilience, including fallback suppliers or internal alternatives. • Revoke Access and Secure Data Supplieraccess to systems, networks, and data should be promptlyrevoked.All credentials and remote access tools should be deactivated or removed. • Protect Organisational Assets Devices, storage media, and documents containing organisational data should be securely returned or sani- tised. Controls should prevent unauthorised retention or leakage of sensitive information. • Address Component Obsolescence Plans should be in place to manage end-of-life components or services, ensuring continued support or secure replacements, especially for OT systems. • Monitor Residual Risks Post-termination risks should be identified, assessed, and escalated to senior management when necessary. These risks should be tracked within the enterprise risk management process. |
|
A general note, for any purpose. |
The goal of this control is to ensure that residual cybersecurity and information security risks are effectively addressed after supplier relationships end, thereby preventing disruptions, data exposure, and vulnerabilities in operational and OT environments. To achieve this goal: - Plan for Termination of the Relationship Formal offboarding procedures should be defined for ending supplier relationships under both normal and adverse conditions, including breach, insolvency, or security incidents. - Ensure Secure Transition or Exit Transition plans should be developed for critical services, to maintain continuity and address supply chain resilience, including fallback suppliers or internal alternatives. - Revoke Access and Secure Data Supplieraccess to systems, networks, and data should be promptlyrevoked.All credentials and remote access tools should be deactivated or removed. - Protect Organisational Assets Devices, storage media, and documents containing organisational data should be securely returned or sani- tised. Controls should prevent unauthorised retention or leakage of sensitive information. - Address Component Obsolescence Plans should be in place to manage end-of-life components or services, ensuring continued support or secure replacements, especially for OT systems. - Monitor Residual Risks Post-termination risks should be identified, assessed, and escalated to senior management when necessary. These risks should be tracked within the enterprise risk management process. |
|
A general note, for any purpose. |
The goal of this control is to ensure that residual cybersecurity and information security risks are effectively addressed after supplier relationships end, thereby preventing disruptions, data exposure, and vulnerabilities in operational and OT environments. To achieve this goal: - Plan for Termination of the Relationship Formal offboarding procedures should be defined for ending supplier relationships under both normal and adverse conditions, including breach, insolvency, or security incidents. - Ensure Secure Transition or Exit Transition plans should be developed for critical services, to maintain continuity and address supply chain resilience, including fallback suppliers or internal alternatives. - Revoke Access and Secure Data Supplieraccess to systems, networks, and data should be promptlyrevoked.All credentials and remote access tools should be deactivated or removed. - Protect Organisational Assets Devices, storage media, and documents containing organisational data should be securely returned or sani- tised. Controls should prevent unauthorised retention or leakage of sensitive information. - Address Component Obsolescence Plans should be in place to manage end-of-life components or services, ensuring continued support or secure replacements, especially for OT systems. - Monitor Residual Risks Post-termination risks should be identified, assessed, and escalated to senior management when necessary. These risks should be tracked within the enterprise risk management process. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
GV.SC-10.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Post-termination supply chain risk management |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Cybersecurity supply chain risk management plans shall include actions and respon- sibilities for managing risks that may arise after a supplier relationship or service agreement has ended. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1