| Management number | 232051780 | Release Date | 2026/06/18 | List Price | $8.62 | Model Number | 232051780 | ||
|---|---|---|---|---|---|---|---|---|---|
| Category | |||||||||
Align TPRM and cybersecurity, classify supply chain risks, build a lifecycle program, and map NIST C-SCRM, ISO/IEC 27036, DORA, GDPR, and EO 14028 to evidence and audits.Key FeaturesAlign procurement, legal, and security priorities around shared risk outcomesApply a clear taxonomy for cyber, operational, regulatory, and reputational riskUse a lifecycle blueprint to structure assessment and ongoing oversightMap NIST C-SCRM, ISO/IEC 27036, DORA, and EO 14028 to audit evidenceBook DescriptionModern organizations rely on complex vendor ecosystems, but third-party risk management (TPRM) and cybersecurity often operate in silos. This book shows how to connect vendor risk management with supply chain cybersecurity using a practical, lifecycle-driven approach.You’ll design a program covering onboarding, vendor risk assessment, continuous monitoring, and offboarding. You’ll begin by examining why TPRM and cybersecurity often operate in separate lanes, and what that gap costs in downtime, breach impact, and compliance exposure. Next, you’ll develop a modern taxonomy of supply chain risk, including fourth-party dependencies and software supply chain concerns, so risk discussions use consistent categories and measurable assumptions.From there, you’ll adopt a lifecycle-based model to structure vendor onboarding, assessment, monitoring, and offboarding—supported by vendor tiering, segmentation, and control mapping. The final chapter focuses on the regulatory blueprint: how to interpret NIST C-SCRM, ISO/IEC 27036, DORA, GDPR, and Executive Order 14028, then convert them into evidence-driven controls and audit-ready documentation.What you will learnLearn how vendor ecosystems become attack pathsCategorize third- and fourth-party supply chain risksCreate risk tiers and segmentation based on business impactDesign a lifecycle workflow from onboarding to offboardingSelect controls using NIST and ISO supply chain guidanceTranslate DORA, GDPR, and EO 14028 duties into controlsPrepare evidence packs for audits and regulator questionsPlan continuous monitoring beyond annual questionnairesWho this book is forThis book is for cybersecurity leaders, TPRM/VRM practitioners, risk managers, and procurement professionals who need a repeatable way to evaluate and monitor vendors and critical suppliers. It also helps compliance stakeholders who need a shared, workable method to manage supplier cyber exposure. Basic familiarity with security principles and vendor management helps.Table of ContentsThe Disconnect — TPRM vs. Cybersecurity in the Supply ChainThe New Attack Surface — A Taxonomy of Supply Chain RisksThe Foundational Framework — A TPRM-Driven Security LifecycleThe Regulatory Blueprint — Navigating Key Frameworks Read more
| ISBN10 | 1806708116 |
|---|---|
| ISBN13 | 978-1806708116 |
| Language | English |
| Publisher | Packt Publishing |
| Dimensions | 7.5 x 0.25 x 9.25 inches |
| Item Weight | 7.2 ounces |
| Print length | 110 pages |
| Publication date | May 29, 2026 |
If you notice any omissions or errors in the product information on this page, please use the correction request form below.
Correction Request Form