NIST Cyber Security Frameworks
When a company is looking for potential vendors/suppliers for a project, what would be the impact if the company asked vendors submitting proposals to provide information about their cybersecurity framework profile? How would that affect the supplier-customer relationship?