AS ISO/IEC 27036.1:2023 identically adopts and modifies ISO/IEC 27036 1:2021, which provides an overview of guidance for organizations to secure information related to suppliers
Table of contents
Header
About this publication
Preface
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Problem definition and key concepts
5.1 Motives for establishing supplier relationships
5.2 Types of supplier relationships
5.2.1 Supplier relationships for products
5.2.2 Supplier relationships for services
5.2.3 ICT supply chain
5.2.4 Cloud computing
5.3 Information security risks in supplier relationships and associated threats
5.4 Managing information security risks in supplier relationships
5.5 ICT supply chain considerations
6 Overall ISO/IEC 27036 structure and overview
6.1 Purpose and structure
6.2 Overview of ISO/IEC 27036-1: Overview and concepts
6.3 Overview of ISO/IEC 27036-2: Requirements
6.4 Overview of ISO/IEC 27036-3: Guidelines for information and communication technology (ICT) supply chain security
6.5 Overview of ISO/IEC 27036-4: Guidelines for security of cloud services
