Back

Establish forums for sharing information about the supply chain.


CONTROL ID
08923
CONTROL TYPE
Business Processes
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a community-monitoring network to provide information about the supply chain., CC ID: 08922

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Cooperative efforts inside the business community shall be promoted to effectively address copyright and trademark infringement, while preserving legitimate competition and preserving fundamental principles. (Art 27 ¶ 3, Anti-Counterfeiting Trade Agreement)
  • Parties shall promote cooperation amongst competent authorities to combat intellectual property rights infringement, trademark counterfeiting, and copyright piracy. (Art 33 ¶ 2, Anti-Counterfeiting Trade Agreement)
  • The organization may consider supporting the establishment of community forums to communicate and share information as part of its risk mitigation measures. (Annex III - Table Supply Chain Policy - Security and Related Issues Bullet 5, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, Second Edition)
  • To aid in identifying, assessing, monitoring, and responding to cybersecurity risks throughout the supply chain, enterprises should build information-sharing processes and activities into their C-SCRM programs. This may include establishing information-sharing agreements with peer enterprises, busin… (3.2. ¶ 2, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1)
  • Join and participate in information-sharing efforts (3.2. ¶ 4 Bullet 5, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1)
  • Private sector partners are encouraged to come together and organize their efforts through one or more nonprofit organizations that can serve as hubs for operational collaboration with the Federal Government, such as the National Cyber-Forensics and Training Alliance (NCFTA). Threat-specific collabo… (STRATEGIC OBJECTIVE 2.2 ¶ 2, National Cybersecurity Strategy)