Vendor Risk Assessments
As organizations continue to grow, they leverage vendors and suppliers to deliver their core competencies. One of the most critical components of having a strong third-party risk management program is performing risk assessments on vendors and suppliers that have access to your sensitive data. Our information security risk assessment is thorough, and utilizes industry standard frameworks such as the NIST 800 series and ISO 27001.
We work closely with client supplier assessment coordinators and supplier managers in having a smooth and productive assessment. Kickoff calls are scheduled with vendors and artifacts are collected manually or through automated tools depending on client technology stack. Based on the vendor inherent risk rating, we can perform on-site, remote, or documentation only review assessments. In addition to performing the assessments, we help vendors and suppliers with remediation efforts resulting from our findings.