
Third-Party Security Risk Assessment and Rating


Academic year: 2024


Third-Party Security Risk Assessment and Rating

A Capstone Project Presented to the Faculty of the College of Computer Studies

De La Salle University

In Partial Fulfillment

of the Requirements for the Degree of Master in Information Security

by

Trinidad, Jovic O.

Mr. Gregory Cu, Faculty Adviser

April 7, 2023


Abstract

The number of organizations using applications and programs developed by third-party suppliers is on the rise. The combination of a low-cost solution and speed of implementation entices organizations to ditch the old model of hiring an entire team to develop applications internally to fill their business needs. In trying to keep up with the digitization of competitors, organizations often overlook the cybersecurity risks a third-party supplier can introduce to existing information systems.

There is no standard process that serves as a security checkpoint for all third-party developed programs and applications before they are onboarded to the organization's internal systems. For the target organization in this project, third-party applications sometimes do not go through the proper information security checks and are implemented in the production environment without clearance from the information security team.

This initiative aims to fill this gap with a standard process to properly assess the vendor's information security capabilities, guide the vendor in configuring the application securely in compliance with the organization's minimum security standards, and rate the vendor with a granular security matrix so that future engagements with a vendor can be properly assessed in the context of cybersecurity.
