6.12.1.1Information security policy for supplier relationships
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 15.1.1 applies.
6.12.1.2Addressing security within supplier agreements
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 15.1.2 and the following additional guidance applies:
6.12.1.3Information and communication technology supply chain
The control, implementation guidance and other information stated in ISO/IEC 27002:2013, 15.1.3 applies.