Supplier Policies - Intel's policies for supplier operational standards

Supplier Policies

Intel holds the many suppliers with whom we do business accountable for operating with the same high standards that we expect of ourselves and to adhere to Intel’s policies referenced in the terms of our agreements.

Utilizing the Cybersecurity Framework

Supplier agrees to consider the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, published by the National Institute of Standards and Technology on February 12, 2014 as a reference document when establishing its system for managing the security of Intel’s information. For additional information see

 

IT Security Policies

Information Security has two Supplier Requirement documents used to set baseline requirements and assess suppliers who are managing information on behalf of Intel. All suppliers managing information on behalf of Intel must meet the minimum requirements outlined in the Supplier Security Requirements and Expectations document.

For suppliers who are managing Intel Restricted or Intel Top Secret information on behalf of Intel additional requirements are defined and explored in the Enhanced Data Security Assessment form.

If a supplier is currently supporting Intel they may be required to download and respond to the identified documents and may be subject to a formal supplier review. If requested to submit responses for a formal review by the Intel Business Owner the forms can be found at the links provided. All responses should be completed by the Suppliers Information Security professional and sent to your business owner and external.security.management@intel.com