TPM-01.1—Third-Party Inventories
Weight: 8
>Control Description
Mechanisms exist to maintain a current, accurate and complete list of External Service Providers (ESPs) that can potentially impact the Confidentiality, Integrity, Availability and/or Safety (CIAS) of the organization's Technology Assets, Applications, Services and/or Data (TAASD).
>Cross-Framework Mappings
NIST CSF 2.0
Canada ITSP 10.171
Australia ISM
EU DORA
Article 28.1
CompareArticle 28.1(a)
CompareArticle 28.1(b)
CompareArticle 28.1(b)(i)
CompareArticle 28.1(b)(ii)
CompareArticle 28.2
CompareArticle 28.3
CompareArticle 28.4(a)
CompareArticle 28.4(b)
CompareArticle 28.4(c)
CompareArticle 28.4(d)
CompareArticle 28.4(e)
CompareArticle 28.5
CompareArticle 28.6
CompareArticle 28.7(a)
CompareArticle 28.7(b)
CompareArticle 28.7(c)
CompareArticle 28.7(d)
CompareArticle 28.8
CompareArticle 28.8(a)
CompareArticle 28.8(b)
CompareArticle 28.8(c)
CompareSOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-207 Zero Trust
NIST AI 600-1
NY DFS 23 NYCRR 500
Virginia CDPA
Ask AI
Configure your API key to use AI features.