Even if your information security infrastructure is textbook perfect, you still can be at risk if the data being held by third-party vendors is not adequately secured.
In Assessing Vendors: A Hands-On Guide to Assessing Infosec and IT Vendors, author Josh More details a high-level overview of how to perform a vendor security analysis to ensure your vendors meet or exceed your security requirements.
At 80 pages, the book looks to just skim the surface, but nonetheless provide a good foundation.
Looks to be an interesting read.
Full review to follow.