This webinar on information security assessment will highlight the principal steps and methodology for performing a third-party information security assessment.
This presentation outlines the most important and relevant steps needed to safeguard a company's information from unauthorized or accidental modification, damage, destruction, or disclosure in an environment over which we do not have total control. It covers the main benefits and constraints that we can face while evaluating the information security controls of a third party. We will also discuss the use of ISO 27002 as a best practice for evaluating the existence of information security controls in an external organization, and we will see how this methodology can assist organizations in understanding the security risks and threats that may exist within their environment. We will review the three phases that must be conducted in order to understand and evaluate the information security environment of the third party.
We will discuss the practicality of this methodology and the implementation factors. We will examine an example and how this methodology was tested.
Why Should You Attend:
Companies recognize that information protection requires close cooperation between them and their suppliers, vendors and partners.
Areas covered in this webinar:
- Importance of third-party information security assessment
- Phases of the methodology:
  - Pre-assessment
  - During assessment
  - Post-assessment
- Benefits and constraints
- Roles and responsibilities
- Checklist
- Example
Who Will Benefit:
- IT Auditors
- Chief Information Security Officers
- Chief Security Officers
- ISO 27001 Lead auditors
- Security professionals
- IT Risk managers and professionals
- Staff with roles and responsibilities in vendor management.
Course Provider
Alexandro Fernandez,