SCF-T Third-Party Risk Management Controls

The SCF-T is a subset of the SCF that is tailored for third-party risk (e.g., vendor risk management, supply chain risk, etc.) and is intended to assist companies with governing the third-party risks associated with the outsourced design, building and maintenance of processes, systems and applications.


To see the mappings between the SCF-T controls, sign up for a free account and download the complete SCF. You can customize the SCF for your own specific needs!