This message was posted by a user wishing to remain anonymous
Hello everybody,
I am fairly new to TPRM, so forgive me for asking this question.
What does it mean when they say does the vendor:
Process, Store, Manage, View/Add/modify, Transport, Disposable of, Transmit NPPI?
I understand many of our vendor have access to or we share with them our clients NPPI.
What I am confused about is for example does a vendor who is a Web-Based Cloud File Transfer System provider, fall under any of the above categories. Our TPRM program has our accounting software, LexisNexis, even Refinitiv (Thomas Reuters) and ALLL software provider as having access to NPPI.
Any guidance will be greatly appreciated.