Add to collection(s) Add to saved
  1. Business
  2. Management
  3. Project Management

Cisco Security Advisory Services Third Party Risk Management Governance, Risk, and Compliance

Governance, Risk,
and Compliance
Cisco Security Advisory Services
Third Party Risk Management
Benefits
• Extend Partner Value
Establish third-party governance practices
to build trusted partner relationships
• Maintain Data Integrity
Identify and protect critical data shared
with third parties
• Support Business Continuity
Understand continuity risks and the
requirements for critical third parties to
support operational resilience
• Define and Enforce SLAs
More effectively manage service levels
based on risk tolerance and business
opportunities
• Achieve Compliance
Ensure third-party relationships support
ongoing compliance requirements
• Integrate Seamlessly
Understand third-party integration
dependencies and risks to meet
operational and technological objectives
• Proactively Manage Risk
Efficiently deliver improvement metrics for
executive and Board of Directors’ reporting
operational and technological objectives
Global enterprises increasingly rely on multiple third-party
vendors, contractors, and systems to support business
operations and achieve strategic objectives. While business
initiatives such as outsourcing operations, forming new
partnerships, shifting business offshore, and implementing
cloud computing services can result in tremendous benefits,
they can also introduce risk. As security becomes more
complex and networks more intertwined, third party risk
management is more essential to your business strategy
than ever.
Critical Business Operations Reliant
on Outside Vendors
When evaluating, implementing, or expanding third-party relationships,
it is critical to have a strong understanding of the risk landscape and how
the desired benefits, whether improved agility, increased performance,
or cost savings, could be offset by unforeseen vulnerabilities. Management
of third party risk can be complex because of increased regulatory scrutiny,
more demanding compliance and contractual obligations, and existing gaps
in traditional audits and certifications.
Ensure Business Continuity
Our Cisco® Security Advisory Services can help you understand your
full risk profile to which you are exposed from third parties. We help
companies make sure that their business relationships do not expose
them to unacceptable levels of risk.
Our proven methodology helps you understand and manage third—party
risk throughout the entire relationship lifecycle, from selection through
relationship conclusion. We identify the information needed to balance
risk and opportunity and help you make sure that you engage with
the most risk—appropriate organizations. With this knowledge you can
make better decisions about your business and about how you connect,
communicate, and collaborate with third party providers.
© 2015 Cisco and/or its affiliates. All rights reserved.
Cisco Security Advisory Services: Third-Party Risk Management
More About Our Services
• Third-Party Information Security Due Diligence:
Assessment of information security and compliance
risks associated with your organization’s relationships
with third-party providers.
• Third-Party Risk Management Program Development:
Review current state of your risk management program
or establish a new program from the ground up,
incorporating process to proactively address due
diligence, performance management, procurement,
assurance, and governance—addressing existing risks
and protecting against future threats.
• Third-Party risk Management Assessment: Identify
data that third-parties can access, determine the
vulnerabilities that could expose sensitive data, confirm
service provider compliance with regulations and
standards, identify continuity risks, and define SLAs.
Cisco Advisory: Seasoned Security Professionals
As strategic and technical advisors, Cisco Security Advisory
Services help leading organizations and executive teams
identify strategic opportunities in information security to
protect performance, create competitive advantage, and
capture long-term sustainable business value.
Backed by a superior combination of resources—vast
research and threat intelligence, mature methodologies,
and multidisciplinary experts across security, cloud,
mobility, collaboration, and data center operations—our
clients better manage risk and compliance, control cost,
and achieve strategic IT and business objectives.
Case Study: Global Technology Company
Challenges
• Multiple vendor assessment programs
• Ineffective prioritization and remediation for
vendor risks
• Bandwidth challenges limited the number
of assessments
Solution
• Pilot of vendor assessment program, including
program management and 25 assessments
• Program improvement recommendations
for processes, executive metrics and
management oversight
Outcomes
• 25–30 reviews per year for continuous improvement
in program and assessment efficacy
• Greater management transparency to vendor risks
through proactive security guidance
• Annual summary analysis across all programs
Key Features
• Expert collaboration, brainstorming and strategy
discussions
Technology-Enabled Consulting
with Cisco Advisory Accelerator
• Crowd-sourced, quality controlled knowledge
In consulting use, Advisory Accelerator is our project
management, workflow, and reporting platform for security
assessments. It enables rapid execution of project tasks,
integrates with many of our security assessment tools,
and facilitates efficient report generation and consultant
collaboration. It supports the breadth of Cisco’s services
and provides clients with access to real-time security
expertise whether it lies in-house, with Cisco, or even
with a 3rd party. With Advisory Accelerator, we work with
people collaboratively to make sense of it all and to provide
advisory strength from afar. Advisory Accelerator is truly
an automated, collaborative extension of the consulting
expertise that Cisco provides.
• Faster ramp of inexperienced security professionals
engine
• Assessment guidance, workflow and reporting
• Trend analysis to support ROI, budget planning
and product selection
• Best Practice Templates to address security gaps
and optimize key product platforms
• Product Templates to facilitate complex
technology integrations
Next Steps
Visit www.cisco.com/go/securityservices to connect
with our advisors and protect your business today.
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco
trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R) DEC14CS4667 09/15
Related documents
Open Source Used In Unified Screen and
Open Source Used In Unified Screen and
WWW+Internet+networking - Edulink
WWW+Internet+networking - Edulink
5 benefits of better video conferencing.
5 benefits of better video conferencing.
Cisco Customer Outcome Enablement Program Terms Pilot Phase Updated: 10/05/2015
Cisco Customer Outcome Enablement Program Terms Pilot Phase Updated: 10/05/2015
10_2_1_2 Worksheet - Answer Security Policy Questions
10_2_1_2 Worksheet - Answer Security Policy Questions
Download