Content & Overview Flashcards

1
Q

Pre-Contract Due Diligence

A

One might find few practitioners in this space who would argue against the statement this is the most critical process. Any risk not discovered before a contract is signed will be harder to remediate. You lose leverage after the contract is signed, and both parties know it. The overall process of how to develop a holistic TPRM program is a larger
discussion; however, in this session, we will focus on cyber pre-contract due diligence activities. Our discussion will also include ways to leverage a risk-based approach for both efficiency and efficacy. In the book, “Cybersecurity & Third-Party Risk” it is called “Onboarding Due Diligence” and this points out that naming for processes and programs will vary by company

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Overview

A

-Most critical process for reducing risk.
-Focus is on pre-contract cyber due diligence activities (and not all pre-contract due diligence activities).
-Focus on a risk-based approach.

*This is where you have the most leverage over vendors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly