This message was posted by a user wishing to remain anonymous
Hi,
Need your advice and suggestions on framing a process, procedure and methods for initiating periodic vendor security assessments.
A VSRM process is in place, and is scoped for new engagements of the existing supplier base or new supplier assessments.
As these suppliers are renewing SOWs and contracts, what could be the best approach for conducting assessments to cover as periodic assessments? What assessment scope and context should be included: should this be on the basis of the previous assessment report, should we consider a delta assessment, should the current threat landscape of supplier network posture... Are there any specific frameworks to include to define its context?
Need your guidance.
Thank you all.