Security Risk Assessments of Third-Party Service Providers

  • Thursday, February 27, 2014 | 9:20 AM – 10:20 AM | West | Room: 2023

View all Sessions

A common method in assessing risk about a third-party and their security practices is to ask them to respond to and complete a questionnaire. There are standard questionnaires available such as the Cloud Control Matrix (CCM) and the Standard Information Gathering (SIG) questionnaires. This P2P session will discuss methods to assess a third-party using questionnaires and security frameworks.


This document was retrieved from on Fri, 19 Jul 2019 10:31:45 -0400.