This policy is used to ensure the company's 3rd party suppliers (such as those providing technology software to the company) adhere to certain security standards as required by ISO27001 or SOC2 for instance. Everything after the Introduction can and should be copy and pasted into supplier legal agreements, or else the supplier agreements should reflect this policy. The company may not have such stringent requirements on suppliers processing non-critical data as defined by the company.
This template is free
This template is freely and publicly available by joining the Genie Community.
A Supplier Security Requirements Policy sets out the security requirements that must be adhered to for a companies 3rd party suppliers.