Time Required: 60 minutes
Availability: Web-based pre-recorded webinar
What You Get: Vendor Site Visit ScoreCard, Site Visit Planning Worksheet, webinar Workbook
Who Should Take It: Vendor Management staff, IT staff, COO, CIO, BCP/DR Team, Compliance and Risk
Going on a vendor site visit could either be a waste of time and money or it could be extremely beneficial if it is planned properly and goals are set. However, without advance planning and knowing what to ask and look for, you’re at the mercy of the vendor’s agenda which does not always match yours.
Vendor Site Visits: Beyond the Welcome Mat begins with the planning and preparation stages so that you set an agenda for yourself in order to come away with the information you need to make intelligent business decisions about the vendor relationship.
The course then continues with observations you should be making before you even set foot in the vendor’s facility and questions that you should be asking once you arrive. We even dive into the “intangibles” that you should develop a feel for about the vendor’s staff and their interactions with one another.
The Site Visit ScoreCard examines 14 functional areas and provides more than 360 questions to choose from depending upon the type of vendor you visit and the goals that you set in the planning stage. Each functional area is scored and rated against your own risk tolerance and then they all roll up into an overall score and vendor rating. The following functional areas are assessed (as appropriate):
- Facility Access
- Corporate Structure and Strategy
- HR & Staffing
- Physical & Environmental Controls
- Technical Access Controls
- Network Security
- Patch & Change Management
- Data Management
- Security Policy
- Software Development Life Cycle
- Incident Response
- Business Resilience
- Hosted Application Controls
- 4th Party Management