How do you go about tiering your telecom Third-Party's and how do you decide what level of "access" they have? For instance... Let's say you have a web based meeting (video/voice) Third-Party service provider. Do you consider their ability to view or monitor said meetings a risk? What if you were sharing a screen during it with confidential data? Assuming the Third-Party has privacy policies/procedures that state they won't view meetings is that enough to reduce the risk and in turn the tier levels?
General Telecom - bandwidth or telephony providers are eligible for Lowest tier, least risk waiver from the long form DD Process. Waiver is subject to TPRM Committee review.
Zoom, Teams, Webex, etc.
Corporate Contract & Procurement Director