When to use this
Use this register to track ongoing supplier development reviews, issues, and acceptance decisions.
Related controls
Register
| Supplier | System/project | Review date | Review focus | Evidence reviewed | Issues found | Action owner | Due date | Status |
|---|---|---|---|---|---|---|---|---|
| TBD | TBD | TBD | Secure coding / testing / IP / defects / access / subcontractor | TBD | TBD | TBD | TBD | TBD |
Review prompts
- Supplier progress was reviewed against security requirements.
- Test and review evidence was received.
- Vulnerabilities and defects were tracked.
- Scope or responsibility changes were assessed.
- Acceptance decision was documented.
- Template
- Iso27001
- Supplier security
- Outsourced development
Note Metadata
Aliases: Supplier Development Review Register
Source: 90 Templates/Outsourced Development Review Register.md
Related Notes
- ISO 27001 A.5.22 - Monitoring, Review and Change Management of Supplier Services
- A.8.30 Audit Evidence Pack
- ISO 27001 A.8.30 - Outsourced Development
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Templates MOC