Reliance on third party business relationships including cloud service providers continues to grow. Every business is responsible for managing risks from third party business relationships to protect against breaches of sensitive or personal information that directly impact reputation and profitability, compromise regulatory compliance and even raise potential for litigation.
KLC Consulting can help you plan, develop and manage your third-party risk program from program development stage to performing vendor risk assessments. We also can help you manage your third-party relationships with a SaaS-based risk management platform.
Our approach to Vendor Security Management and Assessment:
- Define vendor relationships and compliance requirements
- Collect vendor data via questionnaire and perform onsite or remote vendor security review
- Evaluate vendor security practices using ISO/IEC 27001/27002 Security techniques and code of practice for information security management
- Generate vendor report including executive summary, issues and recommendation
- Track vendor issue resolution and follow-up