Security Due Diligence
We work with many organisations where the need to carry out security due diligence reviews seems to grow year on year. Most organisations are required by law, regulations, contracts or due to market pressure to have established policies and controls that support the privacy and security of sensitive information. At certain key points during business operations, the adequacy of these policies and controls needs to be checked.
When you are taking on new suppliers, planning joint ventures or considering acquisitions, you need to be fully aware of the other party’s security capabilities and that they are working to the security standards that you require of them. Likewise, your customers and partners need to know you are managing your security obligations in relation to their data and that agreed measures are in place to protect shared information.
OUT SOURCED DATA PROCESSING
The increase in the outsourcing of business processes involving personal information compounds the problem. Many outsourcing contracts now include the right to exercise due diligence and oversight prior to and during engagements with service providers.
SECURITY DUE
DILIGENCE
WORKLOAD
This ever-growing workload is usually considered an exception to BAU activities and there is an expectation that it can be done along-side the normal workload. This can leave IT departments and information security departments stretched and, can impact the ability to keep on top of other important projects and routine tasks.
Our Consultants have vast experience in carrying out security due diligence on suppliers and responding to security due diligence questionnaires from customers. We provide expertise to organisations of all types and sizes both for supplier/customer management and pre-acquisition.
We provide professional assistance on an ad hoc or Virtual Team basis. Please contact us to find out how we could help to reduce your security due diligence workload.