Ecosystem relations
|
• Review supply chain contracts to determine suppliers' exposure to cyber security risks; emphasise on supplier's dependencies. |
IT security maintenance procedure
|
• Review supply chain contracts to determine suppliers' exposure to cyber security risks; emphasise on supplier's dependencies, force majoure terms and governing law. |
Physical and environmental security
|
• Keep a list of different physical locations reachable through a cyber attack to determine geographical distribution. |
Information system security incident response
|
• Review change requests related to supplier services. Focus on changes of geographical distribution and sub suppliers and their location. |