+Subcontracting Monitoring
|
1. Overview
Subcontracting Monitoring
With regards to subcontracts that support a critical or important function:Institute a process of continuous improvement and monitoring to enhance subcontracting practices and mitigate associated risks. Regularly review and update subcontracting conditions based on changing business environments and risk assessments. Conduct periodic assessments of subcontracting criteria, including ICT threats, concentration risks, and geopolitical factors. Monitor and evaluate the effectiveness of subcontracting controls through contractual rights of access and inspection. Proactively identify and address any deficiencies or emerging risks to strengthen subcontracting governance and oversight.
1.1 References
1.2 Identified Requirements
1.2 Related Regulation
2. Identified Requirements
Requirements
| Source |
Requirement |
3. Related Regulations
Regulations
| Source |
Regulation |
|