KSISO/IEC27036-3

Cybersecurity - Supplier relationships - Part 3: Guidelines for hardware, software and services supply chain security

Provides product and service acquirers and suppliers in ICT supply chain with guidance on: a) gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered ICT supply chains; b) responding to