
What are ISO 27001 and ISO 27002?
ISO 27001 and 27002 define structured standards for information security and third-party risk control.
DORA requires financial institutions to manage digital and third-party risks with structured, resilient practices.
MITRE ATT&CK maps real-world attack techniques to improve threat detection and response.
BIO is the Dutch government’s information security standard, mandatory for public institutions and relevant for suppliers.
CSF is a globally adopted framework for managing cybersecurity risks using five core functions.
NIST provides global standards for cybersecurity and risk management — across your organization and your supply chain.
CWE categorizes software weaknesses to support secure development and smarter third-party risk analysis.
CVE assigns unique identifiers to known vulnerabilities for better risk tracking and response.
TPRM manages third-party risks in areas like cybersecurity, compliance, and operational continuity.
SCRM manages risks in the supply chain to strengthen resilience against cyber and operational disruptions.
Copyright © RiskStudio 2025. All Rights Reserved.
RiskStudio by Abibia.