TPM-05.6—First-Party Declaration (1PD)
Weight: 7
>Control Description
Mechanisms exist to obtain a First-Party Declaration(1PD) from applicable External Service Providers (ESPs) that provides assurance of compliance with specified statutory, regulatory and contractual obligations for cybersecurity and data protection controls, including any flow-down requirements to subcontractors.
>Cross-Framework Mappings
Canada ITSP 10.171
SOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
HIPAA Simplification 2013
Ask AI
Configure your API key to use AI features.