Vendor Management and Third Party Oversight

Vendor management is becoming an increasing concern in today’s IT and enterprise environments.  With increased regulatory scrutiny of third parties comes additional overhead for organizations that may not be able to adequately assess the risk for these relationships.  Not only are there third parties to be considered, but now it’s important to evaluate their sub-contractors, also known as fourth party relationships.  How far down the supply chain must you consider the risk?  Furthermore, examiners have different expectations depending on your regulatory requirements within your environment, including:

  • PCI
  • SOC 2 (SSAE 18)
  • FDA 21 CFR Part 11
  • GLBA
  • European Union’s General Data Protection Regulation (GDPR)
  • New York State’s Cybersecurity Regulations
  • Singapore’s Computer Misuse and Cybersecurity Act

Our team has helped many organizations navigate the increasingly complex world of vendor management.  For some of our clients, we have helped them to build comprehensive programs to evaluate these relationships, as well as to complete the assessments of vendors and partners.  For other clients, we’ve assisted with creating reports that can be provided to vendors and partners to define the controls within the environment and show that these have been adequately tested by an unbiased third party.  No matter which side of the relationship you find yourself, we can help.

Share This Page

Share Clark Schaefer on Facebook Share Clark Schaefer on Twitter Share Clark Schaefer on Google Share Clark Schaefer on LinkedIn StumbleUpon Share Clark Schaefer on Digg Share Clark Schaefer on Reddit

A regional CPA consulting practive serving elite and emerging companies with practical solutions in finance, control, and technology. Offering a compelling alternative to national accounting and consulting firms, executing strategies and delivering results. We dedicate intellect, methodologies, and resources to ensure your success. A virtual extension of your department to enhance your capabilities and capacity.
One East Fourth Street