Gitlab hero border pattern left svg Gitlab hero border pattern right svg

TPM.2.02 - Vendor Non-Disclosure Agreement Control Guidance

On this page

TPM.2.02 - Vendor Non-Disclosure Agreement

Control Statement

Requirements for confidentiality or non-disclosure agreements reflecting the organization’s needs for the protection of information shall be identified, regularly reviewed and documented.

Context

This control provides GitLab a written, signed agreement with a vendor that non-disclosure of confidential information will be disseminated to outside parties.

Scope

This control applies to all information shared with third parties that interact with the GitLab production environment.

Ownership

Control Owner:

Process Owner:

Guidance

Maintain current copies of non-disclosure agreements between GitLab and vendors for each non-GitLab service used by the company where confidential information is shared with the vendor.

Additional control information and project tracking

Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Vendor Non-Disclosure Agreement control issue.

Policy Reference

Framework Mapping