Description
Applicability
-
This control applies to the university Chief Information Security Officer in consultation with university procurement services.
Implementation
-
1
The Chief Information Security Officer shall coordinate with university procurement services to establish agreements and procedures with entities involved in the supply chain for the system, system component, or system service for the notification of supply chain compromises, or results of assessments or audits.