Vendor Risk and Supply Chain Considerations (Domain 5)
No se pudo agregar al carrito
Add to Cart failed.
Error al Agregar a Lista de Deseos.
Error al eliminar de la lista de deseos.
Error al añadir a tu biblioteca
Error al seguir el podcast
Error al dejar de seguir el podcast
Vendor Risk and Supply Chain Considerations (Domain 5)
-
Narrado por:
-
De:
Acerca de esta escucha
A growing portion of cybersecurity risk now comes from outside the organization—specifically, through third-party vendors, suppliers, and service providers. In this episode, we examine how to assess and manage vendor risk across the full lifecycle, starting with due diligence during procurement and continuing through onboarding, monitoring, and offboarding. We explore how to evaluate vendors based on their security policies, compliance certifications, breach history, and contract terms—especially service-level agreements (SLAs) and right-to-audit clauses. Supply chain security goes beyond software and hardware providers—it includes contractors, cloud services, and even logistics partners whose failure could impact business operations. We also cover how to tier vendors by criticality, apply targeted controls, and track third-party risks through assessments and questionnaires. When you extend your network to a vendor, you extend your risk—and smart organizations manage it proactively.