ID.IM-03.186
Does your organization conduct formal lessons learned sessions with suppliers after significant projects or security incidents?
Explanation
Collaborative lessons learned sessions with suppliers help identify areas for improvement in security practices, communication, and incident response. These sessions can reveal vulnerabilities in the supply chain, enhance supplier relationships, and lead to improved security controls across organizational boundaries. Evidence could include meeting minutes from lessons learned sessions, documented action items resulting from these sessions, formalized process documentation for conducting supplier reviews, or reports summarizing findings and recommendations from previous supplier collaboration sessions.
Implementation Example
Conduct collaborative lessons learned sessions with suppliers
ID: ID.IM-03.186
Context
- Function
- ID: IDENTIFY
- Category
- ID.IM: Improvement
- Sub-Category
- Improvements are identified from execution of operational processes, procedures, and activities
