Hi there, this is a great question. Most likely you have records management to meet regulatory and legal guidelines so I would do a compliance review ensuring that their internal policies and procedures appropriately address compliance awareness, monitoring and training.
I would also do Business Continuity Review which should include all aspects of business interruption and resumption. As part of the physical security check, I would make sure that you specifically request an inventory of safety systems, and when they were last tested. This includes, smoke detection, fire suppression, etc. I hope that helps. I'd love to hear what other members would recommend.
Original Message:
Sent: 04-23-2021 10:51 AM
From: Anonymous Member
Subject: Ongoing Monitoring of Records Management Vendors
This message was posted by a user wishing to remain anonymous
What type of on-going monitoring do you conduct for records management vendors? We have a few vendors that we store historical paper with and I'm trying to make sure we're appropriately monitoring them. Financials and Physical Security, but what else?