Posted on
in Presentations
This discussion will cover how to build/evaluate a mitigation risk framework for third-party vendors. It will examine some standard industry forms of attestation (PCI ROC, SSAE 16, SOC 2), criteria for evaluating risk (sensitivity of data, controls around access, scale of data, reputation of vendor) and contractual protections (employee screening, incident notification requirements, audit rights).
Access This and Other RSAC™ Conference Presentations with Your Free RSAC Membership
Your RSAC™ Membership also includes AI-powered summaries, mind maps, and slides for Conference presentations, Group Discussions with experts, and more.
Watch Now >>
Share With Your Community