The Cyrene Proposal for a Cybersecurity Scheme for Supply Chain Services (SCS) (B12c)
CYRENE proposed a cybersecurity scheme for the SCS using the Information Security Management System (ISMS) for the SCS. An online certified SCS-ISMS will be operated by the SCS provider in collaboration with the business partners and it will support the SCS risk and conformity assessment processes. In particular the SCS-ISMS can be a useful tool to the SCS provider and business partners to perform their risk assessment and update their SCS-security policy and the SCS Protection Profile (PP) with all security requirements. The SCS-ISMS can also be used by the assessor during the conformity assessment process to find the necessary evidence to assess the security requirements (claims in the SCS-PP) and evaluate the controls implemented if they meet the corresponding security requirements throughout specified period.