Why You Should Assess Vendors at the Product or Service Level
The examiners expect to see multiple risk assessments on one vendor. This means you may need to prepare multiple risk assessments for one vendor that includes information on your vendor's products or services, not just on the vendor themselves.
Risk rating each product is not only a good business practice, it’s a prudent risk mitigation step. Take the extra time to do the required digging and it will pay off - download the infographic now where we'll introduce you to the process.
Download the infographic for:
- What to include
- Reasons why it's expected on multiple products
- An example of a vendor who needs multiple assessments
- 3 best practices to help with multiple risk assessments on one vendor