Now that we have identified the issues to watch out for, we can share what you can do to triage risks and develop your 3rd Party GRC Solution.
Recent Posts
Let’s Reassess How You Think About 3rd Party Assessments!
Caveat: We can’t possibly provide a complete 3rd Party consulting framework in a short blog. This post is to provide you with a new framework for 3rd Party risk and new thinking in assessments.
First, let’s clearly define what a 3rd Party is. We believe they encompass all of the following: suppliers, 3rd Party agents, contractors, distribution centers, call centers, contract manufacturers or assemblers, outsourcing firms, service providers (SaaS, Cloud, and a thousand more).
Clients of all shapes and sizes receive inbound assessments from much larger organizations with something strikingly similar to one another: they all use this 5 point scale that makes no sense to smaller companies. Initial? Managed? What do these all mean?
Let’s help explain to you what these are.
At JustProtect, our goal is to provide software for companies of all sizes to assess themselves and the companies they wish to trust. As a result, we are consistently maturing our security program and best practices that are auditable, repeatable, and developed to a baseline that is accessible to all. To further expand our best practices, we committed to achieving Type 1 SOC 2 attestation in 2020 for Security, Availability, and Confidentiality trust principals.
©2019-2021 JustProtect Inc.