Benchmark: Identification of Risks Related to External Parties
Description
The risks to the organization's information and information assets from business processes involving external parties shall be identified, and appropriate controls implemented before granting access.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Identification of Risks Related to External Parties.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_identification_of_risks_related_to_external_partiesSnapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_identification_of_risks_related_to_external_parties --shareBenchmarks
- Access to the organizations information and systems by external parties
- Remote access connections between the organization and external parties are encrypted
- Access granted to external parties is limited to the minimum necessary and granted only for the duration required
- The identification of risks related to external party access takes into account a minimal set of specifically defined issues