Supplier Cyber Scoping Tool
Overview of the Tool When working with suppliers and other third parties, it’s essential to understand the security controls they have in place. These partners can introduce significant risk if their cyber posture is weak - and in large organisations, there’s usually a patchwork of onboarding, procurement, risk, and IT processes trying to keep it all in check. One key step in onboarding a third party is performing supplier due diligence. That often includes an information security assessment to get a sense of how well the supplier is managing threats, vulnerabilities, and data protection, and your goal is really to establish that they’re doing things as well as you are. In some cases you may even learn some good practice from them. ...