template

3rd Party Supplier Security Requirements Policy

Chris Young

Nov, 01 2022

When to use this template

This policy is used to ensure the company's 3rd party suppliers (such as those providing technology software to the company) adhere to certain security standards as required by ISO27001 or SOC2 for instance

Key issues covered in this template

Supplier security requirements
Backups and physical media
Security logs and monitoring
Security incident management
Malware protection
Intrusion prevention system
Communication over networks
Software development
Physical security
PCI DSS
Disputes

What to watch out for

Everything after the Introduction can and should be copy and pasted into supplier legal agreements, or else the supplier agreements should reflect this policy
The company may not have such stringent requirements on suppliers processing non-critical data as defined by the company.

Used by

Author

Chris Young

@chris75410632

Genie AI

Organisations that used this template

+8 more

Technology

29%

Consultancy

11%

Manufacturing

Legal Services

Finance

Education

Agriculture, Forestry and Fishing

Retail

Energy

Other

Consumer, Public & Health Services

Real Estate

Public Administration

Sport & Entertainment

Wholesale

Construction

Insurance

Terms of use

This is not legal advice - see more

Genie AI terms and conditions

Code of conduct

Additional information

Business categories

Policies

Business activities

Create A Policy For Supplier Security Requirements

Contract type

Supplier Security Requirements Policy

Relevant sectors

Agriculture, Forestry and Fishing

Mining

Construction

Transport

Wholesale

Manufacturing

Energy

Retail

Finance

Real Estate

Consumer, Public & Health Services

Media

Insurance

Legal Services

Education

Technology

Sport & Entertainment

Consultancy

Public Administration

Other

Relevant company sizes

1 - 3

20 - 49

250 - 999

4 - 19

50 - 249

1000 +

Governing law

England and Wales

Language

English UK

Gender neutral

Yes