Supply Chain Information Risk Management

As demonstrated in recent hacks, the security integrity of 3rd party suppliers is critical in managing the risks to your systems.  Systems are only as secure as the systems they are connected to.  3rd Party connectivity and shared information requirements have become the common denominator in assessing the risk to business information these days.  Risk Crew can help you identify, minimise and manage this risk in a number of cost-effective ways.

Risk Crew can design and deliver a customised Supply Chain Information Risk Management program designed to meet your specific risk appetite. Our value-driven services would typically be comprised of some or all of the following deliverables:

  • Implementing Supplier information security control frameworks
  • Conducting Supplier service level agreement security reviews
  • Assessing & verifying Supplier security control evidence
  • Assigning Supplier inherent risk ratings
  • Defining control remediation requirements
  • Managing Supplier remediation programs
  • Conducting Supplier site assessments, security testing & compliance auditing
  • Administering Supplier information security awareness training

Risk Crew has also just released the latest version of 3PA Triage© our fast, simple and cost-effective Supplier information risk  classification portal tool.  3PA Triage© is designed to quickly classify the service providers in your supply chain into risk categories, defined by the volume and sensitivity of the data they are exposed to.  Your suppliers simply log on to a secure web portal and complete 10 questions we design for you.  Quick and easy; it takes no more than 5 minutes.  Once completed, the portal will evaluate and assign a risk category to each Supplier and then segment them accordingly, giving you a prioritised risk view of your supply chain.  The data can then be exported to reports or project management plans to support your supply chain governance, risk and compliance activities.

Additionally, we offer a full service Supply Chain Information Security Risk Management program wherein you can fully outsource your requirements to us for delivery. It’s a quick, efficient and cost-effective way to identify, minimise and manage the risks to the sensitive business information assets processed, store and transmitted across your supply chain.

Give us a call and tell us how we can help you.

For flat fee pricing structure and full service level agreements detailing service specifications, scope and deliverables for any of the above services or to place an order, contact Risk Crew.