Gitlab hero border pattern left svg Gitlab hero border pattern right svg

TPM.1.04 - Vendor Compliance Monitoring Control Guidance

On this page

TPM.1.04 - Vendor Compliance Monitoring

Control Statement

Maintain a program to monitor service providers’ compliance status at least annually.

Context

We need to validate a third party's compliance status on a yearly basis to ensure they are also complying with compliance requirements. This will assist in obtaining new customers and help maintain assurance with our current customers.

Scope

All third party service providers that fall within the GitLab Control Framework (GCF).

Ownership

TBD

Implementation Guidance

For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.

For all reference links relevant to this control, refer to the full guidance documentation.

Examples of evidence an auditor might request to satisfy this control

For examples of evidence an auditor might request, refer to the full guidance documentation.

Framework Mapping