When it comes to managing third party risk, it starts with the foundation and development of your third party vendor risk program.
- What data does the vendor have access to?
- What are they doing with it?
- Do they have access to our network?
- What’s the risk to our organization if that third party is breached?
