We will be discussing Service Provider Management.
As the saying goes, “We are only as strong as our weakest link”. So how strong is the supply chain that we use in our own organisations?
In our May session, we will take a look at supplier management and discuss the risks we need to manage and how these should be managed. With the help of the YCSC community we will discuss:
- How we classify service providers.
- How we onboard new suppliers.
- What security controls are you expecting to see?
- Your legal obligations associated with controllers and processors.
- How regularly you should audit your suppliers, and what are you auditing against?
The risks surrounding third party providers is said to be on the increase and with ISO27002:2022 specifically focusing a control on Cloud Security, this is a topic of increasing importance.
