Which of the following is the BEST indication of mature third-party vendor risk management for an organization?
A . The third party’s security program Mows the organization s security program.
B . The organization maintains vendor security assessment checklists.
C . The third party maintains annual assessments of control effectiveness.
D . The organization’s security program follows the thud party’s security program.
Answer: B
Explanation:
The BEST indication of mature third-party vendor risk management for an organization is that the organization maintains vendor security assessment checklists. This is because vendor security assessment checklists help the organization to evaluate and monitor the security posture and performance of their third-party vendors, based on predefined criteria and standards. Vendor security assessment checklists also help the organization to identify and mitigate any gaps or issues in the vendor’s security controls or processes. The other options are not as indicative of mature third-party vendor risk management for an organization, because they either involve following or mimicking the security program of either party without considering their own needs or risks (A, D), or relying on the vendor’s self-assessment without independent verification or validation C.
Latest Cybersecurity Audit Certificate Dumps Valid Version with 75 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund