Enisa Req

Source: Baseline Security Recommendations for IoT in the context of Critical Information Infrastructures November 2017

# Requirement Nr Description Good Practice Is Fullfilled By Remarks
1 GP-OP-14 For IoT hardware manufacturers and IoT software developers it is necessary to adopt cyber supply chain risk management policies and to communicate cyber security requirements to its suppliers and partners. Third-Party relationships View
2 GP-OP-13 Only share consumers’ personal data with third parties with consumers’ affirmative consent, unless required and limited for the use of product features or service operation. Third-Party relationships View
3 GP-OP-12 Data processed by a third-party must be protected by a data processing agreement. Third-Party relationships View
Records : 3 of 3 | Page : of 1 | Limit