Hi Neil,
Yes, we use Quantivate. Please email me so we can connect. I'm always looking for people to network with.
[This email address has been removed by the Community Manager for privacy reasons. Please message the member directly within the community or review their contact information by clicking on the member's name, which will redirect to their community member profile.]
Thanks
Original Message:
Sent: 6/14/2023 4:32:00 PM
From: Neil Melms
Subject: RE: Armored Transportation and Cash Vault
I would echo this as well, as we also use the same criticality level of Critical, Significant and Non-Essential. I wonder if we utilize the same GRC tool, Quantivate, for this purpose.
If so, I would love to connect and share best case practices and pain points as my organization is looking to mature our program. Thank you.
Original Message:
Sent: 06-14-2023 11:43 AM
From: Cheryl Turner
Subject: Armored Transportation and Cash Vault
Yes. We consider this NPI. We classify our vendors in to 3 groups. Critical, Significant and Non-Essential, then assign a risk level. Brinks is considered Significant, as they do have NPI, however, they are a low risk, as they only service 4 of our branches and there are other carriers available.
Original Message:
Sent: 6/13/2023 4:33:00 PM
From: Anonymous Member
Subject: RE: Armored Transportation and Cash Vault
This message was posted by a user wishing to remain anonymous
Hello all,
We are about to start a service with Brinks to pick up deposits from our customers. My question is:
Does having a deposit slip with the customers cash (with customer Name, account # and address) constitute a NPI. I personally don't think this is an NPI, but we are having an internal debate. If having a deposit slip constitutes NPI, then we automatically put this vendor in High-risk category, and our due diligence requirement increases.
All inputs will be helpful.
Original Message:
Sent: 02-14-2023 07:23 PM
From: Premika Mishra
Subject: Armored Transportation and Cash Vault
If there is reliance on vendor service and they have access to confidential/sensitive data, or are interacting with your customers then you should definitely be performing due diligence on such vendors to gain assurance that data is protected and that in the event there is a disruption on the vendors side, they are set up with backup etc. to support interruption in service. In due diligence you would still want to evaluate their BCDR program, InfoSec policy, ensure they have adequate insurance coverage, are financially sound to support such services. They will have physical access to your facility, so you want to ensure vendor is conducting background checks on their employees etc. If there is customer impact/interaction, then assessing their complaint policies etc. also become important. Then there is their operational and physical security policies that would provide assurance on what controls are in place for transportation/transit.
Performance monitoring should also be in place to ensure established SLA's are achieved and issues are tracked and monitored.
Original Message:
Sent: 02-14-2023 05:37 PM
From: Anonymous Member
Subject: Armored Transportation and Cash Vault
This message was posted by a user wishing to remain anonymous
Hello all,
How do you handle the due diligence for an Armored Transportation and Cash Vault vendor? Example: Brinks.
They do handle checks and cash. They also make pick-ups at our customers businesses.
Any suggestion will be greatly appreciated.