Back

Establish, implement, and maintain physical security controls for the supply chain.


CONTROL ID
08931
CONTROL TYPE
Business Processes
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Third Party and supply chain oversight, CC ID: 08807

This Control has the following implementation support Control(s):
  • Assign unique reference numbers to all products and their subcomponents., CC ID: 08932
  • Implement physical security controls at all supply chain member locations., CC ID: 08933


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Medium and large-scale mining companies and artisanal and small-scale mining enterprises should implement physical security practices for the gold. (Supplement on Gold Step 1: § II.A.2, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, Second Edition)
  • Upstream companies should enhance their physical security practices based on discrepancies in mine production and capacity, processing production and capacity, or information from suppliers on gold shipments. (Supplement on Gold Step 3: § I.B.2, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas, Second Edition)
  • Contract provisions for smoke and fire detection in third-party hosted infrastructure situations. (App A Objective 13:9b Bullet 8, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)