Organization should consider a comprehensive Outsourcing Risk Management Program to thoroughly govern and mitigate risk.
Cyber Arqs experts are readily available to assist your organization with its Vendor Management needs.
All risks associated with the functions outsourced, physical location of the vendor, assessment of technology used by vendor.
Requirements are defined in a formal agreement known as a Request for Proposal (RFP) to ensure due diligence is enacted for each step.
Contracts are reviewed for adequate and measurable service level agreements and appropriate clauses (confidentiality, right to audit, etc)
Relations among vendors are monitored through essential service level agreement metrics and internal processes created for review.
Types of payment, service, and deployment architecture which is selected and the inherent risks associated with the architecture. The proper controls in place are used to mitigate the risks associated with the architectural model.
Cyber Arq provides an Outsourced Vendor Management Program Development/Assessment (FI) to develop and/or assess a Program that is usually part of the overall Vendor Management Program aligned with the FFIEC Handbook. Our Outsourced Vendor Management Requirements (TSP) provide consultation to third-party service providers in meeting FFIEC requirements.
Vulnerability Assessment & Penetration Testing:
Network, Wireless, Web Application, Mobile, IoT, Social Engineering and more.
Gap Analysis, Risk & External Threat Assessment, Policies & Procedures, Business Continuity & Disaster Recovery planning and Vendor Management.