Purpose:
1) The purpose of this policy is to define adequate controls during the establishment and maintenance of business relations with third party consultants, contractors and outsourcing vendors for IT services, procurement, lease, license, maintenance and support related engagements at AAB.
2) Information security requirements for mitigating the risks associated with supplier’s access to AAB’s Information assets shall be agreed with the supplier and documented.