Exams or Audits

Vendor Security Questionnaires

  • 1.  Vendor Security Questionnaires

    This message was posted by a user wishing to remain anonymous
    Posted 03-11-2020 02:15 PM
    This message was posted by a user wishing to remain anonymous

    ​At my present company we have had issues with new vendor applications/software coming into our environment and not vetted properly which caused a audit finding to be issued by Internal audit. I have been tasked to come up with a new Vendor questionnaire that includes questions that would allow InfoSec to know who has Access to all new applications/software. This questionnaire should include Application access, Application Administration, Access Monitoring, Activity Logging/Auditing. Does anyone have anything that they might be able to share with me that can help in my creation process?