What types of control activities do you perform to mitigate vendor risk?

  1. Perform comprehensive vendor risk assessments.

  2. Develop a comprehensive vendor management program.

  3. Establish detailed service level agreements.

  4. Conduct regular vendor reviews and audits.

  5. Monitor vendor performance and compliance.

  6. Establish robust security standards and procedures.

  7. Establish a dedicated vendor management team responsible for managing vendor relationships.

  8. Ensure adequate insurance coverage for vendor activities.

  9. Utilize a centralized system for tracking and managing vendors.

  10. Require vendors to maintain adequate cyber security controls.

Last updated