The organization should regularly monitor, review, evaluate and manage change in supplier information security practices and service delivery.
The organization should regularly monitor, review, evaluate and manage change in supplier information security practices and service delivery.