External parties

Objective: To maintain the security of organisation's information and information processing facilities that are accessed, communicated to, or managed by external parties.

Identification of risks related to external parties

The risks associated with access to organisational IT facilities and information by external parties should be assessed and appropriate security controls implemented.

Addressing security when dealing with customers

Contracts with customers involving access to organisational IT facilities or information should specify security conditions.

Security conditions in third party contracts

Contracts with third parties involving access to organisational IT facilities or information should specify contractual requirements for such access

An Introduction To Information, Network and Internet Security
External parties Objective: To maintain the security of organisation's information and information processing facilities that are accessed, communicated to, or managed by external parties. Identification of risks related to external parties The risks associated with access to organisational IT facilities and information by external parties should be assessed and appropriate security controls implemented. Addressing security when dealing with customers Contracts with customers involving access to organisational IT facilities or information should specify security conditions. Security conditions in third party contracts Contracts with third parties involving access to organisational IT facilities or information should specify contractual requirements for such access	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security