SUPPLY CHAIN COMPLIANCE MANAGEMENT
Supply chain cybersecurity risk management is a part of Commugen’s cyber GRC aotuomation platform. To manage this risk, companies ask their suppliers to prove compliance with multitude of standards, frameworks and one-off security questionnaires. These questionaires typically contain hundreds of questions or control verifications, and impose a significant burden on Cybersecurity and IT departments.
Supply Chain Compliance Management is a major requirement of all cyber security frameworks and standards. e.g.:
ISO - 27002 12.4.1
NIST - SI-4(5), IR-6
Commugen’s Supply Chain Compliance Management enables and simplifies the assessment for your customers’ supply chain cybersecurity requirements, including:
Answer every control only once
The solution uses a mapping of known standards to a single control repository. Once you answer a certain control, in any framework , you have it answered.
Collaborate on answering
Delegate tasks to relevant personnel in Legal, Finance, R&D or any other department. The solution supports modular roles and permissions for organization-wide collabortion.
Use your company-facing compliance efforts to answer the questionnaires.
Generate a Completed Assessment
The solution generates a control subset that’s relevant to your current questionnaire. It enables the duplications of past assesments with full answers, status and evidence, reducing time and effort.
Keep all relevant information organised is one place
All past questionnaires, all gathered evidence, all historical data – all in one place.