Supplier Security Services
Supplier security activities aim to take information security measures and create a secure structure in supply chain processes and applications. Within the scope of these activities, institutions that work with suppliers in operational and business management processes have to monitor and minimize the risks arising from third-party companies for which they are directly or indirectly responsible.
With supplier security audit service; A detailed control of the processes, assets, processed data and system accesses managed by the parties is ensured, security vulnerabilities that may arise due to suppliers are identified, and guidance is provided to close these vulnerabilities.
Supplier security audit service; It enables the prevention of data, services, operations, workforce, time, reputation losses, financial losses and legal sanctions originating from the supply chain.
Service Scope
Sub-services provided within the scope of Supplier Security Service;
- Supplier Security Audit
- Supplier Security Risk Analysis
- Supplier Security Trainings
Within the scope of these services;
- Scope and framework are determined for the current situation / gap analysis.
- Organizational structure and supply chain system are examined.
- A supply chain inventory of the organization is created.
- The risks arising from the supplier service are analyzed and solutions are offered.
Sources Referenced In Supplier Security Services:
- DDO Information and Communication Security GuideDDO Information and Communication Security Guidelines
- Personal Data Protection Law and Board Decisions
- ISO 27001 Information Security Management System Standard
- ISO 27701 Personal Data Management System Standard
- NIST SP800-161 Cyber Security Supply Chain Risk Management Practices