>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

6.1.16.1.1

>Control Description

For the purpose of Article 21(2), point (e) of Directive (EU) 2022/2555, the relevant entities shall set and implement processes to manage risks stemming from the acquisition of ICT services or ICT products for components that are critical for the relevant entities’ security of network and information systems, based on the risk assessment carried out pursuant to point 2.1, from suppliers or service providers throughout their life cycle.

Ask AI

Configure your API key to use AI features.