ISF: Your first line of defence in supplier security risk management

risksupply chainpeople

A lot of organisations have outsourced to a third party and so they feel as if they’ve abdicated responsibility, and you haven’t… you are responsible for the collection of data

Cyber security incidents are pervasive and increasing, and that is not going to change.

Regardless of the efficacy of any supplier and their security posture, mistakes will still happen, and gaps will have been left. Controls intended to prevent disruptive outcomes can – and will – fail.

Management of third parties does not start and end within an assurance activity. Businesses need a holistic approach that targets several problem spaces simultaneously, which draw on industry best practices to engage with the business, manage suppliers and communicate associated risk.

Read more ►

Three ISF Resources to effectively manage suppliers across their complete lifecycle

View all resources

tool

Supplier Security Suite

Rise to the supplier risk challenge with a risk-based approach to your end-to-end supplier management lifecycle.

tool

Information Risk Assessment Methodology 2 (IRAM2)

A simple, practical, yet rigorous approach to risk assessments, enabling organisations to speak a common language with key stakeholders.

service

Supply Chain Management Assessment

Gain an up-to-date picture of information risk in your supply chain to reduce risk from external suppliers and improve cyber resilience.

GET IN TOUCH

STEVE DURBIN DISCUSSES THE IMPORTANCE OF INVESTING IN YOUR ORGANISATION'S ECOSYSTEM

Adopt a holistic approach to supplier security

ISF Members have unlimited access to practical, peer-influenced best practice in supplier risk and information security management. Get in touch today to discover how ISF Membership can empower your organisation to tackle supplier management challenges with confidence.

Become a Member