Our Data Protection Officer is involve in the TPRM process to determine whether a Data Processing Addendum needs to be signed. They evaluate the specific data elements which will be transferred to the vendor and document the justification. Depening on your DPO's background, they might also evaluate the Technical and Organizational Measures (security processes) of the vendor. KW
Kate Wakefield CISSP, CIPT, CRISC
Sr. Manager Security Compliance