))
Episode 100: Assessing Third-Party and Vendor Risk
Manage episode 490277342 series 3673170
Contenuto fornito da Jason Edwards and Dr. Jason Edwards. Tutti i contenuti dei podcast, inclusi episodi, grafica e descrizioni dei podcast, vengono caricati e forniti direttamente da Jason Edwards and Dr. Jason Edwards o dal partner della piattaforma podcast. Se ritieni che qualcuno stia utilizzando la tua opera protetta da copyright senza la tua autorizzazione, puoi seguire la procedura descritta qui https://it.player.fm/legal.
Vendors and service providers often have privileged access to your data and systems—making them a potential weak link. This episode focuses on third-party risk management, including how to evaluate a vendor's security posture before and after engagement. We cover due diligence checklists, contract clauses, security questionnaires, and ongoing monitoring practices. You'll also learn about shared responsibility models and how to manage risks across cloud, SaaS, and supply chain relationships. CISSPs must ensure that third-party access is governed with the same rigor as internal controls.
138 episodi
Condividi
