January 23, 2019 | Tools & Templates | Application Development and Testing
This questionnaire is used during the due diligence phase of the third-party risk management process. It is developed based on the security and financial risks identified and quantified in the initial risk assessment, completed by vendors and then numerically scored by the third-party risk assessment team.
Many U.S. assumptions must be adjusted when assessing third parties overseas in areas like the EU, China, Russia or India. In this Ask-an-Expert written response, IANS Faculty Josh More explains the differences in terms of culture and expectations, and provides key questions to help assess overseas vendors appropriately.
While many organizations consider intelligent application service monitoring (IASM) tools to be primarily operational in nature, they can also play an important role in security. In this Ask-an-Expert written response, IANS Faculty Jake Williams details the key features to assess across tools like AppDynamics, Dynatrace and New Relic.
Third-party/subcontractor breaches released four times the number of exposed records compared to 2017 -- 4.8 million vs. 935,000. Medical subcontractors exposed the most records (2.8 million) in 2018 and saw the biggest jump.