Assessing Vendor Cybersecurity Risks: Which Approach Is Best?
Outsourced vendors expose your institution and your customers to data breaches. Regardless of how well you protect data internally, the cybersecurity shortcomings of partners can subject your organization to fraud, theft, litigation, and negative publicity.
To protect against outsourced risks, institutions have relied on SOC 2 reports to provide insight into cybersecurity controls that vendors have in place. There are now more alternatives to SOC 2 reports that address vendor cybersecurity risks. For instance, the Shared Assessments Organization has a Standard Information Gathering (SIG) questionnaire that is being used as an alternative to the SOC 2 report.
- Understand how the purpose for vendor cybersecurity risk assessments impacts the method used to conduct the assessment
- Methods for deciding which assessment programs to request from a vendor if the vendor has not engaged a CPA to prepare a SOC 2 report
- Considerations for vendors that only agree to have a SOC 2 Type I report prepared
- What popular alternative cybersecurity assessment programs to consider and why
BankersWeb.com Quality Commitment
BankersWeb, a division of CareerLearning, wants you to be satisfied with your webinar purchase. If this webinar does not meet your expectations, please email us at [email protected].