On-Site Vendor Control Assessments
Equip vendor risk assessment teams with the testing procedures required to evaluate the effectiveness of third-party control execution
At times, asking questions is not enough: when vendors provide mission-critical functions, or have access to sensitive data, your organization may need to schedule on-site visits to make visual verification of compliance and contract conformance.
Vendor Cloud empowers your assessment teams with everything they need to conduct and document on-site vendor control assessments, including:
Control Libraries with Test Procedures
Vendor Cloud assigns the appropriate set of controls to your team depending on the services provided by the vendor. Test procedures can be prescribed to explain what needs to be done, what needs to be inspected, and how compliance should be measured, e.g., the temperature of a data center or the height of a server from the floor. These controls can also map to industry frameworks such as NIST or CobIT.
Vendor Cloud compiles vendor control assessment observations into reports that are also rolled into the vendor’s risk profile, informing that vendor’s overall risk health score.
For more information on Vendor Cloud or to schedule a live demonstration, please contact us.