The risk posed by third-party or cloud vendors can be difficult to assess.  Third-party risk also varies by industry and regulatory environments.  Increasingly, financial regulators are concerned about the risk third-party vendors can pose to consumers and have been requiring more due diligence to be performed.

WHO’S IT FOR?

 

Any organization who is using or a third-party vendor to perform, host, develop or manage any business critical operation, application or function.  If your organization is still evaluating third-party or cloud vendors, or is in the process of drafting a service level agreement (SLA) with a third-party vendor, the CipherTechs 3PV™ Assessment would offer you an opportunity to use the SLA to close any gaps identified by the 3PV™ Assessment.

HOW IS IT PERFORMED?

 

During a 3PV™ Assessment we will:

  • Conduct a thorough risk assessment and perform the due diligence necessary to identify and understand any risks posed by the relationship with the third-party
  • Evaluate the type of data your organization is sending to the third-party and whether the appropriate data protections are in place
  • Verify that the third-party vendor understands and is capabale of complying with any compliance drivers or regulatory concerns
  • Request and review all policies, procedures, internal controls and training materials
  • Identify any risks posed by shared infrastructure or specific SaaS cloud services
  • Identify inventory of locations or jurisdictions where your data is stored
  • Ensure your incident response policy accurately reflects the risk of the third-party
Contact CipherTechs

Your Name (required)

Your Email (required)

Subject

Your Message

×
Join our team!

Your Name (required)

Your Email (required)

Subject

Your Message

Upload Resume

×
Contact CipherTechs

Your Name (required)

Your Email (required)

Subject

Your Message

×
Share This