Control: ism-1452; Revision: 4; Updated: Sep-22; Applicability: ALL; Essential Eight: N/A ​

A supply chain risk assessment is performed for suppliers of applications, ICT equipment and services in order to assess the impact to a system’s security risk profile.