ISO/IEC 27036-2:2022 PDF | Request Standard
Historical

ISO/IEC 27036-2:2022

Cybersecurity - Supplier relationships - Part 2: Requirements

Standard by IEC, 2022-06-15

Available Formats:

  • Availability: Immediate Download
  • Language: English
  • License Type: Single User
  • Updates: Not Included
  • Availability: Request Quote
  • Language: English
  • License Type: Enterprise / Multi User
  • Updates: Included

About This Item

Legal Notices*

ISO/IEC 27036-2:2022 addresses Cybersecurity - Supplier relationships - Part 2: Requirements, making it relevant for organizations that need a structured approach to supplier-related cybersecurity controls. It is typically reviewed during procurement, vendor assurance, and risk management activities where third-party access, information exchange, and supply chain dependencies must be evaluated carefully. For engineering and compliance teams, ISO/IEC 27036-2:2022 can support documented evaluation, technical review, and broader compliance workflows tied to supplier security expectations.

What is ISO/IEC 27036-2:2022?

ISO/IEC 27036-2:2022 is the requirements-focused part of the ISO/IEC 27036 series, which is centered on cybersecurity in supplier relationships. As a derived document connected to ISO/IEC 27036, it is generally used as a supporting reference for organizations that need to define, assess, or verify supplier security obligations in a formal way. In practice, it helps teams align contractual controls, technical assessment steps, and verification activities with a clearer compliance reference for supplier governance.

Applications of ISO/IEC 27036-2:2022

Organizations often use ISO/IEC 27036-2:2022 when reviewing supplier onboarding, outsourcing arrangements, managed services, and other relationships where external parties may influence security posture. It can be useful in procurement reviews, supplier questionnaires, risk assessments, and contract development where cybersecurity requirements must be stated and tracked. The document is also relevant to technical documentation workflows that support engineering validation, third-party assurance, and operational consistency across complex supply chains.

Why is ISO/IEC 27036-2:2022 important?

Supplier relationships can introduce cybersecurity risk that affects confidentiality, integrity, and service continuity, so a requirements-based reference is valuable for consistent control selection and verification. ISO/IEC 27036-2:2022 supports quality assurance and conformity assessment preparation by helping organizations document expectations clearly and compare supplier responses against defined criteria. It may also improve procurement decisions, reduce ambiguity in technical and contractual obligations, and strengthen compliance workflows where external dependencies must be managed systematically.

  • Requirements-oriented guidance for managing cybersecurity expectations in supplier relationships
  • Useful for procurement review, supplier qualification, and contract-based security planning
  • Supports documented evaluation, technical assessment, and risk reduction activities
  • Helps align supplier controls with compliance, verification, and governance workflows
SKU: 50cd37c47fa8

  • Publication Date: 2022-06-15
  • Standard Status: Derived
  • Publisher: IEC
  • Edition: 2

Please request information about the document. Contact Page

Online Standart App

Need This Standard?

Need This Standard?

Summarize with AI

ChatGPT Perplexity Google AI Claude Grok

Online Standart Disclaimer

OnlineStandart.com is an authorized reseller of international standards through partnerships with authorized distributors. We do not own the copyrights or trademarks of the standards we sell, including but not limited to those of API, ASHRAE, BSI, SAE, ASTM, IEEE, IEC, ASME, ISO, and others.

All product names, logos, and brands are property of their respective owners. All company, product, and service names used on this website are for identification purposes only. Use of these names, trademarks, and brands does not imply endorsement.

The content provided on this website is for informational purposes only and is intended to promote our reselling services. OnlineStandart.com is not affiliated with or endorsed by any of the standard organizations unless explicitly stated.