Supply chain security
PreviousOperational continuity and crisis managementNextSecurity in acquisition, development, and maintenance of network and information systems
Last updated
Was this helpful?
Glesys manages supplier relationships to reduce cybersecurity risk and ensures that relevant security requirements are considered during selection, contracting, and ongoing monitoring.
Supplier categorization: Suppliers are categorized (e.g., Critical/Managed/Non-critical), including “information security-critical” suppliers, with defined oversight expectations.
Procurement security requirements: For relevant procurements, requirements may include MFA, encryption, logging/monitoring, incident notification, data location/transfers, and assurance (e.g., ISO 27001/SOC2).
Offboarding controls: Data return/deletion, access revocation, and secure disposal expectations are defined for security-critical supplier termination.
Last updated
Was this helpful?
Was this helpful?