Managing Information Security Risks Posed by Suppliers
Suppliers pose a significant risk to your organisation’s information security posture. If suppliers that have access to your sensitive information and systems do not have adequate security controls and practices in place, they could accidentally or deliberately expose your information to unauthorised parties. And let’s be clear here: ‘adequate’ is based on your risk appetite, not on what they deem to be sufficient. Additionally, if your suppliers’ systems are compromised, it could lead to your systems and information being compromised.
The Need for Supplier Due Diligence
As such, it is essential to thoroughly assess the information security risks attached to your various suppliers and to implement adequate security measures to mitigate the associated risks. You need to decide, based on the information a supplier has access to, what controls you expect them to have in place. Managing information security risks from suppliers and the supply chain can be a complex task, but there are a number of actions you can take to mitigate those risks. One of the most important activities is conducting due diligence on suppliers, assessing their security controls and practices, and reviewing their compliance with relevant legislation and regulations.
Automating and Streamlining the Due Diligence Process
In this webinar, we will demonstrate how Abriska 27036, URM’s risk management tool, with its adoption of international standards and automation technology, can streamline the due-diligence process and robustly identify your high-risk suppliers for further action.
Attend this 1-hour webinar and learn how the Abriska tool:
- Conducts supplier due diligence and plays a pivotal role in the supplier risk management process
- Automates and centralises the process for conducting supplier risk assessments
- Enables tailored questionnaire assessments to be conducted, with more in-depth assessments of critical suppliers, including the weighting of certain questions
- Reduces the administrative overhead in sending out questionnaires and managing responses
- Enables responses to be analysed more effectively and integrated with risk management activities, including identifying and managing risk treatment actions
- Enables you to conform with the requirements of ISO 27001.
Register for the event
Please note, we can only process business email addresses.
Submit your question
If you have any immediate questions, please use the form provided below to ask up to 3 questions. You will also be able to ask additional questions during the session. No question will be left unanswered.
Did you miss the live event? Do not worry. We are recording the webinar and will make the recording available within 24 hours after the webinar.
Did you miss the live event? Do not worry. We have recorded the webinar for you. Please watch the introduction to the webinar below. For the full recording please register using the form below the video.
Please register using the form below and we will provide you with the link to the recorded webinar.
Register to watch recording