Vendor/third party risk management/assessment
I wonder if you have any document about Vendor\third party risk management\assessment? Also is it covered in ISO27001?
Assign topic to the user
Yes, for vendor/third party risk management you should use the templates for risk assessment and risk treatment included in your toolkit, in folder 5 Risk assessment and risk treatment - these are the same templates as for assessing the risks for your own company, since the assessment process is the same.
This article will provide you with further explanation about supplier security:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
Comment as guest or Sign in
Oct 07, 2021