Third-Party Due-Diligence & Vendor Management Program - GDPR

Comprehensive third-party due-diligence initiatives, along with consistent measures for assessing and monitoring vendors, are an absolute necessity for compliance with the General Data Protection Regulation (GDPR). From sourcing products for purchase to outsourcing critical operational and security functions, and more, it's imperative that organizations develop a formalized approach for choosing the organizations they outsource to, and then for monitoring those organizations. Outsourcing is used by almost every business, and it's only going to continue to grow, so now is the time to start putting in place initiatives for effectively monitoring these organizations.

Available for instant download, the Third-Party Due-Diligence & Vendor Management Program comes complete with the following sections: 

  • Third-Party Due-Diligence & Vendor Management Template: In-depth MS Word template covering all essential phases relating to (1) vetting potential service providers, then (2) monitoring such providers on a regular basis. The template is an excellent tool for assessing a third party's internal controls and related processes and procedures for a wide range of areas and key risk factors.
  • Specifically, the template includes in-depth documentation for the following phases: (1) Risk Based Approach, (2) Define Risk and Appropriate Level of Due-Diligence for Identified Parties, (3) Performing Due-Diligence, (4) Vendor Management Program, and (5) Continuous Monitoring.
  • Vendor Management Policy and Procedures: An incredibly detailed, well-written policy and procedures template developed by regulatory compliance experts consisting of all necessary documented policies, procedures, and processes related to the broader concept of third-party due-diligence and vendor management.

Additional Information

  • Document Length: 61 Pages.
  • Topics Covered: Dozens of sections and categories pertaining to the broader subject of third-party due-diligence and vendor management best practices.
  • Framework: Developed in accordance with best practices derived from industry-specific vendor administrator guides, NIST SP 800 publications, FIPS publications, the ISO 27000 series of standards, COBIT, US-CERT, NSA hardening documents, DIACAP, DISA STIGs, industry-leading cloud computing publications, Defense-in-Depth and Layered Security best practices, along with numerous other globally recognized benchmarks, standards, frameworks, associations, and publications within the broader field of information security.
  • Download Use: One (1) per company.
