During this time of uncertainly we wanted to make sure we added some assistance and relief to an otherwise stressful situation. We're required to embrace this period of adjustment and get used to a new "normal."
While this is going on, wherever possible, businesses needs to run, and their dependency on third-parties and supply chains continue. We often think that 3rd party risk assessments are reserved for the much larger organizations. No company is too small to determine their dependency on 3rd parties and to assess if alternative solutions are needed for their business to operate.
At JustProtect we have seen our more mature customers streamline a traditional assessment (~100 questions) into a fundamental set of questions which will allow you to determine if the 3rd party poses a risk to your business.
Whether you use JustProtect to assess your 3rd parties or not, you should assess the following 10 things:
People:
-
Are you safe / well?
-
Just asking that gives a view into what's going on
-
-
Is the team that supports us able to work remotely?
-
If they can't, then this could impact their ability to support your company
-
-
Do all key staff supporting your company have trained back-ups in the event they are unavailable (Y/N)?
Processes:
-
Does your organization have a process for notifying staff of changing conditions?
-
Have you identified your critical suppliers of goods & services, in order for your organization to provide service to our company?
-
Do you have a process for providing IT support for staff working remotely?
-
Is senior management meeting regularly to assess how your service delivery has been impacted?
Data & Technology:
-
Is our data stored in new physical locations as a result of your response to this situation?
-
Do people working remotely log on using mutli-factor authentication?
-
Is all critical data backed up and readily available?