From the course: Supply Chain Cybersecurity: Preventing Supply Chain Attacks
Managing the third-party lifecycle
- [Instructor] Preventing supply chain attacks takes coordination and collaboration from a number of key parties in your organization's security function. One can argue that one of the most important teams in this effort is the third-party risk team. The third-party risk team's core mission is to reduce risk and exposure for the company by providing ongoing management of vendors throughout the vendor life cycle. Key milestones in the vendor life cycle include assessment, contracting, implementation, ongoing monitoring and offboarding. During the assessment phase, third-party risk coordinates with a prospective vendor to assess their security environment. This effort can be conducted in a variety of ways. Vendors are asked to complete questionnaires, provide SOC reports, or are interviewed by third-party risk professionals to understand processes and controls related to their security environment. The goal of this…