Skip to content

Third Party Risk Management

Free Third Party Data Security Assurance Questionnaire

This free document is on 3rd party data security assurance (Courtesy UCF,  Information Security Office, VR Program).  The document is made in a way such that vendors must answer the questions in a yes/no. Third Party/ Vendor Data Security Assurance Questionnaire (SAQ)Document covers questions from various sections –  Policies & Procedures  Disaster Recovery & Business Continuity  Physical… Read More »Free Third Party Data Security Assurance Questionnaire

Free 3rd Party Outsourcing Information Security Assessment Questionnaire

This free document is on 3rd party Outsourcing Information Security Assessment Questionnaire (Courtesy UBC IT). This questionnaire document has various information section on :  Company Information Policies, Standards and Procedures Architecture Configurations Product Design Compliance Access Controls Monitoring Physical Security Contingency Vendor’s Business Associates Download Document The document can be viewed below and downloaded from… Read More »Free 3rd Party Outsourcing Information Security Assessment Questionnaire

(Free) Third Party Risk Management Checklists And Frameworks From The Web

FireCompass content and research team has curated some top checklists and frameworks on third party risk management that were available on the web for free. You will find these frameworks and guidelines simple and ready to use. Free 3rdParty Outsourcing Information Security Assessment Questionnaire V1.4 This checklist has 2 parts to it with all segment wise… Read More »(Free) Third Party Risk Management Checklists And Frameworks From The Web

How Missing Continuous Monitoring Makes Third-Party Risk Management Programs Ineffective

Many organizations have hundreds of vendors and the Third-Party risk exposure is one of the biggest threats. Most of the organizations depend upon partners, vendors, suppliers, contractors and other third-parties for day-to-day operations. Each of them presents some potential risk to the organization. Third-Party Risk Management programs helps in assessing the cybersecurity of vendors/3rd parties that… Read More »How Missing Continuous Monitoring Makes Third-Party Risk Management Programs Ineffective

6 Must-Know Facts About Shadow IT

Shadow IT refers to IT applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department. Shadow IT risks exists in most organizations but most IT leaders and CISOs underestimate about its reach. In this blog, we will uncover the important facts that every business leader should understand about Shadow… Read More »6 Must-Know Facts About Shadow IT