§01
About this domain.
This directory contains organization-neutral supplier governance, third-party risk, cloud governance, and supply-chain continuity artefacts. It covers the full lifecycle of supplier and partner relationships as well as trade security programme obligations. All content is released under CC BY-SA 4.0.
§02
Documents.
19 documents in this domain. Each links to its source on GitHub, where the corpus is version-controlled and continuously gated.
- AnnexTrade and Supply-Chain Continuity Controls Annex↗
- FrameworkSupplier and Cloud Governance Framework↗
- MatrixSupply Chain Security Programme Alignment Matrix↗
- ProcedureFourth-Party and Nth-Party Risk Procedure↗
- ProcedureSupplier Audit Procedure↗
- ProcedureSupplier Due Diligence Procedure↗
- ProcedureSupplier Exit and Data Return Procedure↗
- ProcedureSupplier Onboarding Security Review Procedure↗
- ProcedureSupplier Ongoing Monitoring Procedure↗
- ProcedureThird-Party AI Due Diligence Procedure↗
- RegisterConcentration Risk Register↗
- RegisterSoftware Bill of Materials Register↗
- RegisterSubprocessor Register Template↗
- RegisterSupplier Risk Register Template↗
- StandardCloud Exit and Data Portability Standard↗
- StandardSupplier Resilience Monitoring Standard↗
- StandardSupplier Security and Privacy Assurance Standard↗
- TemplateSupplier Offboarding Evidence Template↗
- TemplateSupplier Security Questionnaire↗