On-Site Vendor Control Assessments

Equip vendor risk assessment teams with the testing procedures required to evaluate the effectiveness of third-party control execution

At times, asking questions is not enough: when vendors provide mission-critical functions, or have access to sensitive data, your organization may need to schedule on-site visits to make visual verification of compliance and contract conformance.

Vendor Cloud empowers your assessment teams with everything they need to conduct and document on-site vendor control assessments, including:

Control Libraries with Test Procedures

Vendor Cloud assigns the appropriate set of controls to your team depending on the services provided by the vendor. Test procedures can be prescribed to explain what needs to be done, what needs to be inspected, and how compliance should be measured, e.g., the temperature of a data center or the height of a server from the floor. These controls can also map to industry frameworks such as NIST or CobIT.

Manage on-site vendor risk controls assessments.Review on-site vendor risk management controls testing procedures.

Results Compilation

Vendor Cloud compiles vendor control assessment observations into reports that are also rolled into the vendor’s risk profile, informing that vendor’s overall risk health score.

Capture and review on-site vendor risk assessment results.

 

For more information on Vendor Cloud or to schedule a live demonstration, please contact us.