Control Third-Party Access

Give third parties access without giving them a permanent doorway.

All Blueprints

What it does

Give third parties access without giving them a permanent doorway.

Where it fits

Time-bounded vendor and supplier access

Who uses it

Financial services, Healthcare, Energy, Public sector

CP-03 topology

How CP-03 controls third-party access.

A FIRE+VAULT pattern. The vendor path is severed by default and exists only as a validated, time-bound Relay session, with every artefact preserved.

Grounded in NIS2 Art. 21(2)(d), DORA Art. 28-30 and ISO 27001 A.5.15, A.5.19.

Vendor or supplier

External party

Vendor or supplier zone

External party seeking a maintenance window

ValidateRelayLock

Request validated. Window opened for the engagement only.

Maintenance edge

The only

Maintenance edge zone

The only place a vendor session ever lands

ExecuteTransferArchive

Changes scoped, recorded and revocable on signal.

Managed estate

The systems

Managed estate zone

The systems the vendor is allowed to touch

OSS

Crown jewels · detail callout

Session evidence archive

Every vendor session, command and artefact preserved offline for audit and dispute.

Modules & symbols

ValidateIntegrity check

RelayTime-bound path

LockNamed access

ExecuteApproved action

TransferControlled move

ArchiveDisconnected copy

ConduitEnforced module path

┄┄┄

Crown jewelsOffline · detail callout

Modules in this Blueprint

How the CP-03 pattern composes.

How the primary modules compose

Supporting modules

How it reads end to end

Validate checks the request before any door opens. Relay creates a controlled, time-bound access window. Lock ensures only approved users, roles or conditions can use it. Transfer governs what moves between environments, Archive preserves the activity for audit and Execute can revoke the path on signal.

Sector relevance

Financial servicesHealthcareEnergyPublic sector

Related Blueprints