This policy describes principles and rules for standard and critical third parties providing digital services, and describes contract obligations based on risks, establishing a shared responsibility model for managing them. The policy aims to: as per their classification, provide ICT risk evaluation rules for standard and critical providers of digital services; establish contract obligations based on evaluated risks for providers; and describe a shared responsibility model for managing providers.
Publisher
UNFPA PD
Resource date
04 October 2024
Author
ITSO
Administrative Resource
Policy for Third-party Information and Communication Technology (ICT) Risk Management
Related download
-
Policy for Third-party Information and Communication Technology (ICT) Risk Management
