A shared responsibility model is created, documented and shared between suppliers and their customers in order to articulate the security responsibilities of each party.
Topic
Cyber supply chain risk management activities
Applicable to
all
History
Sep 2022
A shared responsibility model is created, documented and shared between suppliers and their customers in order to articulate the security responsibilities of each party.
Language associated with ‘suppliers and service providers’ was amended to ‘suppliers’ noting that suppliers have now been defined within the glossary as encompassing application developers, ICT equipment manufacturers, service provides and other organisations involved in distribution channels.
Dec 2020
A shared responsibility model is created, documented and shared between suppliers, service providers and their customers in order to articulate the security responsibilities of each party.
Security control 1569 was amended to include the documentation and sharing of shared responsibility models. In addition, suppliers, service providers and customers have been specifically called out as part of the shared responsibility model.
Nov 2020
A shared responsibility model is created between service providers and organisations in order to articulate the security responsibilities of each party.
Jul 2020
A shared responsibility model is created between service providers and organisations in order to articulate the security responsibilities of each party.
Security control 1569 was introduced to ensurethe use ofa shared responsibility model between service providers and organisations.