Listen "GV.SC-01 - Building a Supply Chain Risk Management Program"
Episode Synopsis
GV.SC-01 focuses on creating a structured cybersecurity supply chain risk management program that includes a clear strategy, objectives, policies, and processes, all endorsed by organizational stakeholders. This ensures that risks stemming from suppliers and third-party relationships are systematically addressed, with a defined plan that outlines milestones and responsibilities. Stakeholder agreement reinforces the program’s legitimacy and aligns it with broader organizational goals.

This subcategory establishes a foundation for managing supply chain risks by integrating cybersecurity considerations into procurement and vendor interactions. It promotes collaboration across functions like IT, legal, and operations to ensure the program is actionable and effective. GV.SC-01 sets the stage for a proactive, organization-wide approach to securing the supply chain.
From the podcast Framework: The NIST Cybersecurity Framework (CSF)