Checklist - CISO Checklist Vendor Risk Management
Vendor has implemented a clear and resilient supply chain security program.
Vendor has demonstrated how they plan to keep your business informed
about cyber-incidents impacting their ecosystem.
CISO Checklist:
Vendor Risk Management
A list of all current and historical vendors is maintained and always kept
up-to-date.
Vendors with the highest level of access to sensitive customer data are
assessed at a higher frequency and with stricter security standards.
Ensure you have a process in place for mitigating the chances of vendor
vulnerabilities being exploited.
Ensure all vendors are encrypting their data with the Advanced Encryption
Standard (AES).
Establish channels for keeping our security teams informed about global
developing cyber threats.