GV.SC-08.106

Has your organization established and documented crisis communication protocols with your critical suppliers?

Explanation

Crisis communication protocols ensure that during security incidents, system outages, or other emergencies, your organization can effectively coordinate responses with critical suppliers. These protocols should define communication channels, escalation procedures, contact information for key personnel, and the types of events that trigger communications. Evidence of fulfillment could include a documented crisis communication plan that identifies critical suppliers, establishes communication methods (email, phone, secure messaging), defines roles and responsibilities, and includes up-to-date contact information. This document should be regularly reviewed and tested through tabletop exercises or simulations.

Implementation Example

Define and coordinate crisis communication methods and protocols between the organization and its critical suppliers

ID: GV.SC-08.106

Context

Function: GV: GOVERN
Category: GV.SC: Cybersecurity Supply Chain Risk Management
Sub-Category: Relevant suppliers and other third parties are included in incident planning, response, and recovery activities

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub