ISO 27001

Fri 12 Feb

Third party vendor risk assessment – An ISO 27001 perspective and challenges during assessment

Vendor risk assessment is gaining significant importance in today’s cyber security world. Vendor Risk Management (VRM) is the process of assuring an organization that its vendors do not cause the business a loss in any form (financial loss, reputation loss, data loss, etc.). This article describes the vendor-specific challenges faced during the vendor risk assessment life cycle and gives references based on ISO 27001 standards.

Why implement vendor risk assessment?

One of the major problem areas of enterprise risk management is the risk associated with vendors. Managing a huge number of vendors and other third-party relationships is difficult for any organization.

Wed 04 Mar

How important is ISO 27001 Compliance (ISMS Implementation) to an organization

When we talk about ISO 27001 compliance (ISMS implementation), the general assumption is that it is the responsibility of the CISO or CXO of the organization to put things in place. People feel that the organization's security team needs to own the implementation and is responsible and accountable for getting the organization certified. Though the information security team plays the front-end role of putting perspective in place, one needs to understand that ISMS implementation is a top-management-driven initiative and a top-down approach. Unless management intends to put security in place through policies, procedures, standards and guidelines, the information security team cannot advocate and drive it across the organization to achieve this compliance.
