Due Diligence and Ongoing Monitoring

 View Only
  • 1.  Virtual Desktop /Support - questions on due diligence needed

    Posted 13 days ago
    We have a vendor that would be providing our IT team with support.  They would:
    *have access to services that support our use of Microsoft's Cloud products and if they need to check and ensure things are working, any activity is recorded. 
    * train our employees and comply with our information security policies and report any exposures or incidents

    What, if anything beyond the "basic" due diligence (COI, W9, business license, financials), would you request from them?


  • 2.  RE: Virtual Desktop /Support - questions on due diligence needed

    Posted 6 days ago
    Hello, just a couple suggestions. I would make sure that you have a Non-Disclosure with them specific to GLBA compliance and I would request their Security Policy and HR Policy (Specifically hire practices with criminal background checks and that they are an equal opportunity employer). Since they are supporting Microsoft Cloud, you have the right to seek any such certifications their techs may have. Hope this helps.

    Paul

    ------------------------------
    Paul P Pelletier
    ------------------------------