Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Outsourcing

Cyber Supply Chain Risk Management

Nov 6, 2019 - All organisations should consider cyber supply chain risk management. If another organisation is involved in the delivery of a product or service to your organisation, there will be a cyber supply chain risk originating from that organisation. Likewise, your organisation will transfer any cyber supply chain risk you hold to your customers. Effective cyber supply chain risk management ensures, as much as possible, the secure supply of products and services for systems throughout their lifetime. For products, this includes their design, manufacture, delivery, maintenance and…

Cyber Supply Chain Risk Management Practitioner Guide

Jun 25, 2019 - This guidance informs cyber security practitioners, procurement officers, and supply chain decision makers with a more detailed discussion of the key cyber SCRM elements.

Cyber Security for Contractors

Apr 30, 2019 - This document has been developed to assist contractors with appropriately securing Australian Government information on their systems.

Cloud Computing Security for Tenants

Apr 30, 2019 - This document is designed to assist an organisation’s cyber security team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.

Cloud Computing Security for Cloud Service Providers

Apr 30, 2019 - This document is designed to assist assessors validating the security posture of a cloud service in order to provide organisations with independent assurance of security claims made by Cloud Service Providers (CSPs). This document can also assist CSPs to offer secure cloud services.

Cloud Computing Security Considerations

Apr 30, 2019 - Cloud computing offers potential benefits including cost savings and improved business outcomes for organisations. However, there are a variety of information security risks that need to be carefully considered. Risks will vary depending on the sensitivity of the data to be stored or processed, and how the chosen cloud vendor (also referred to as a cloud service provider) has implemented their specific cloud services.