ISO27001 states that "Processes and procedures shall be defined and implemented to manage the information security risks associated with the use of supplier's products or services." (A5.19 - Information security in supplier relationships)
But in order to do this, you need to understand who your suppliers are. This information may be available from your Finance team, but you need to assess their criticality (in terms of security), and therefore you should have a register of suppliers that you can then risk assess.
This is very important, as you won't want to review ALL your suppliers, but you will want to have clarity around who they are and what they do for you. This document will help when building out your Risk Register, and your Business Continuity Plans.
Start by speaking to your Finance team/person and identify who you pay, and work out from there who is most important to you.
This document
All our documents are designed with simplicity in mind. But in their simplicity they meet both the standards and your needs.
Use these as a springboard towards continual improvement and see your security management system develop and thrive.
Supplier Register
Hey, we're not going to go all 'legal' on you here... that's not our style. But this is our Intellectual Property, and we'd prefer it if you didn't go sharing this with other people who haven't spent the money and bought a copy.
Of course, we can't really stop you... But are you that kind of person? We don't think you are. So if you want to tell people about your newfound superpower of ISO27001-Awesomeness, great... just don't give it away for free!