2.4.3.27
| Req No | Requirement | Compliance Class And Applicability | Primary Keyword | Secondary Keyword |
|---|---|---|---|---|
| 2.4.3.27 | As part of the security policy, define how security requirements on third party components and services (including open-source) will be established and assessed. | Mandatory for all classes | business | policy |