Risk Assessments

 View Only
  • 1.  Assessments

    This message was posted by a user wishing to remain anonymous
    Posted 10-05-2023 08:27 AM
    This message was posted by a user wishing to remain anonymous

    Basic Question

    When you do assessment for any of the 3rd party – are you doing assessment for the Product/Service rendered or for the complete 3rd party ?



  • 2.  RE: Assessments

    Posted 10-05-2023 08:33 AM

    Typically, we are looking at things like financials and insurance from an enterprise lens but looking at Information Security/Cyber and BCP/DR from a product/ service lens.  For example, we are going to look at the company's financial statements, but we want to see the product specifically called out in SOC 2.



    ------------------------------
    Elizabeth Blosh-Myers
    Third Party Risk Manager
    ------------------------------