Expert Advice Community


Monitoring of third parties

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

I am assisting my current employer with third party governance and looking to put some KPIs together for the monitoring of such third parties. I may be interested if you have any potential info for this. For example, what do we do in order to clarify that a third party is patching effectively, etc.
DejanK Jan 12, 2016

In my view, you can perform the monitoring of third parties in the following ways:

Receiving regular reports from the third party - these reports are prepared by this third party, and they are the least reliable.
Using some kind of automated reporting system or software - this way you can get more detailed and more precise info about what and when is done by the third party.
Second-party audit - you can send your auditors to the third party so that they could check if they comply with the agreement.

Generally, you can manage your suppliers and other third parties like explained in this article: 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
