To help organizations be better prepared against increasingly inevitable incidents, the Shared Assessments SIG Committee has released “Building Best Practices for Effective Monitoring of a Third Party’s Incident Event Management Program.” The paper outlines a newly developed best practices model of incident event management program creation. This new program tool covers planning, preparation, execution, reporting, and remediation control, to guide a higher level of preparation. It uses a proactive approach and a thorough review of outsourcing risks, as well as the possible disruption of service that could result. The model contains a defined means for protecting data, consumers and the outsourcing relationship. A step-by-step guideline is presented, which can be tailored to each relationship.
Bang for the Buck: Regulators Pivot to Fewer But Higher-Value Enforcement Actions
CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your...
