This message was posted by a user wishing to remain anonymous
Original Message:
Sent: 07-17-2024 10:26 AM
From: Anonymous Member
Subject: Lease Agreements
This message was posted by a user wishing to remain anonymous
Our company is a registered investment adviser. We treat leases for office space (etc.) within our vendor management program because of potential access to PII, our business spaces during the work day etc. (Clean desk policy doesn't guarantee that employees keep confidential materials off their desk.) Another factor is the availability of the office space for usage-less of a factor with remote working, but still important ICO emergency situation where power is out for employees' homes but not at the workspace. (Not saying we'd force people to the office in a severe earthquake, snowstorm, hurricane etc. scenario.)
An analogous situation is this: Does your program include the cloud service providers? Any off-site storage locations for hard copy records? Shredding companies?
Hope this is helpful. Good luck!
Original Message:
Sent: 07-16-2024 06:27 PM
From: Karen Waterman
Subject: Lease Agreements
We are a credit union and we track the contracts in our TPRM software and show them as Exempt (for tracking purposes). But are looking at other options that can be easier for all parties involved. Hope this is helpful.
------------------------------
Karen Waterman, CFSA, NCCO, NCRM, CUERME
Enterprise Risk Director
Nusenda Credit Union
Original Message:
Sent: 07-16-2024 05:56 PM
From: Anonymous Member
Subject: Lease Agreements
This message was posted by a user wishing to remain anonymous
Hello all,
We are a financial institution and have lease agreements for some of our branch and ATM locations. Within your TPRM or Vendor Management program, do you include these types of relationships as regular vendors and follow typical vendor due diligence processes? Is this a vendor you would consider out of scope or exempt from your process? Thank you.