Third-party security risk assessment and rating
Organizations utilizing the applications and programs that were developed by a third-party supplier is on the rise. The combination of low-cost solution with the speed of implementation entices organizations to ditch the old model of hiring an entire team of individuals to internally develop applica...
Saved in:
| id |
oai:animorepository.dlsu.edu.ph:etdm_comtech-1020 |
|---|---|
| record_format |
eprints |
| institution |
De La Salle University |
| building |
De La Salle University Library |
| continent |
Asia |
| country |
Philippines Philippines |
| content_provider |
De La Salle University Library |
| collection |
DLSU Institutional Repository |
| language |
English |
| topic |
Information technology Computer security Information storage and retrieval systems—Security systems Information Security |
| spellingShingle |
Information technology Computer security Information storage and retrieval systems—Security systems Information Security Trinidad, Jovic O. Third-party security risk assessment and rating |
| description |
Organizations utilizing the applications and programs that were developed by a third-party supplier is on the rise. The combination of low-cost solution with the speed of implementation entices organizations to ditch the old model of hiring an entire team of individuals to internally develop applications that will fill-in their business needs. In trying to keep up with the digitization of competitors, organizations often overlook the cybersecurity risks a third-party supplier can potentially introduce to the existing information systems. There is a gap on a standard process that will serve as a security checkpoint for all third-party developed programs and applications before they get onboarded to the organizations internal systems. For the target organization in this project, third-party applications sometimes do not go through the proper information security checks and implemented into the production environment without clearance from the information security team. This initiative aims to fill this gap with a standard process to properly assess the vendor’s information security capabilities, guide them with the proper security configuration of the application in compliance to the organization’s minimum-security standards and to rate the vendor with a granular security matrix so that future engagements with a vendor can be properly assessed in the context of cybersecurity. |
| format |
text |
| author |
Trinidad, Jovic O. |
| author_facet |
Trinidad, Jovic O. |
| author_sort |
Trinidad, Jovic O. |
| title |
Third-party security risk assessment and rating |
| title_short |
Third-party security risk assessment and rating |
| title_full |
Third-party security risk assessment and rating |
| title_fullStr |
Third-party security risk assessment and rating |
| title_full_unstemmed |
Third-party security risk assessment and rating |
| title_sort |
third-party security risk assessment and rating |
| publisher |
Animo Repository |
| publishDate |
2023 |
| url |
https://animorepository.dlsu.edu.ph/etdm_comtech/19 https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/viewcontent/Third_party_security_risk_assessment_and_rating.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/0/type/additional/viewcontent/2023_Trinidad_approval_sheet_signed.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/1/type/additional/viewcontent/2023_Trinidad_General_checklist.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/2/type/additional/viewcontent/2023_Trinidad_student_research_ethics_clearance_form.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/3/type/additional/viewcontent/2023_Trinidad_PreliminaryPages.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/4/type/additional/viewcontent/2023_Trinidad_Chapter1.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/5/type/additional/viewcontent/2023_Trinidad_Chapter2.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/6/type/additional/viewcontent/2023_Trinidad_Chapter3.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/7/type/additional/viewcontent/2023_Trinidad_Chapter4.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/8/type/additional/viewcontent/2023_Trinidad_Chapter5.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/9/type/additional/viewcontent/2023_Trinidad_Bbiliography.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/10/type/additional/viewcontent/2023_Trinidad_Appendices.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/11/type/additional/viewcontent/2023_Trinidad_PISC.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/12/type/additional/viewcontent/2023_Trinidad_VRRQ.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/13/type/additional/viewcontent/2023_Trinidad_VRRC.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/14/type/additional/viewcontent/2023_Trinidad_img_1.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/15/type/additional/viewcontent/2023_Trinidad_img_2.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/16/type/additional/viewcontent/2023_Trinidad_img_3.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/17/type/additional/viewcontent/2023_Trinidad_img_4.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/18/type/additional/viewcontent/2023_Trinidad_img_5.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/19/type/additional/viewcontent/2023_Trinidad_img_6.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/20/type/additional/viewcontent/2023_Trinidad_img_7.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/21/type/additional/viewcontent/2023_Trinidad_img_8.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/22/type/additional/viewcontent/2023_Trinidad_SubmissionConsentForm.pdf |
| _version_ |
1769841939378601984 |
| spelling |
oai:animorepository.dlsu.edu.ph:etdm_comtech-10202023-06-22T06:02:50Z Third-party security risk assessment and rating Trinidad, Jovic O. Organizations utilizing the applications and programs that were developed by a third-party supplier is on the rise. The combination of low-cost solution with the speed of implementation entices organizations to ditch the old model of hiring an entire team of individuals to internally develop applications that will fill-in their business needs. In trying to keep up with the digitization of competitors, organizations often overlook the cybersecurity risks a third-party supplier can potentially introduce to the existing information systems. There is a gap on a standard process that will serve as a security checkpoint for all third-party developed programs and applications before they get onboarded to the organizations internal systems. For the target organization in this project, third-party applications sometimes do not go through the proper information security checks and implemented into the production environment without clearance from the information security team. This initiative aims to fill this gap with a standard process to properly assess the vendor’s information security capabilities, guide them with the proper security configuration of the application in compliance to the organization’s minimum-security standards and to rate the vendor with a granular security matrix so that future engagements with a vendor can be properly assessed in the context of cybersecurity. 2023-04-07T07:00:00Z text application/pdf https://animorepository.dlsu.edu.ph/etdm_comtech/19 https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/viewcontent/Third_party_security_risk_assessment_and_rating.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/0/type/additional/viewcontent/2023_Trinidad_approval_sheet_signed.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/1/type/additional/viewcontent/2023_Trinidad_General_checklist.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/2/type/additional/viewcontent/2023_Trinidad_student_research_ethics_clearance_form.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/3/type/additional/viewcontent/2023_Trinidad_PreliminaryPages.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/4/type/additional/viewcontent/2023_Trinidad_Chapter1.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/5/type/additional/viewcontent/2023_Trinidad_Chapter2.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/6/type/additional/viewcontent/2023_Trinidad_Chapter3.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/7/type/additional/viewcontent/2023_Trinidad_Chapter4.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/8/type/additional/viewcontent/2023_Trinidad_Chapter5.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/9/type/additional/viewcontent/2023_Trinidad_Bbiliography.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/10/type/additional/viewcontent/2023_Trinidad_Appendices.pdf https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/11/type/additional/viewcontent/2023_Trinidad_PISC.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/12/type/additional/viewcontent/2023_Trinidad_VRRQ.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/13/type/additional/viewcontent/2023_Trinidad_VRRC.xlsx https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/14/type/additional/viewcontent/2023_Trinidad_img_1.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/15/type/additional/viewcontent/2023_Trinidad_img_2.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/16/type/additional/viewcontent/2023_Trinidad_img_3.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/17/type/additional/viewcontent/2023_Trinidad_img_4.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/18/type/additional/viewcontent/2023_Trinidad_img_5.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/19/type/additional/viewcontent/2023_Trinidad_img_6.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/20/type/additional/viewcontent/2023_Trinidad_img_7.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/21/type/additional/viewcontent/2023_Trinidad_img_8.jpg https://animorepository.dlsu.edu.ph/context/etdm_comtech/article/1020/filename/22/type/additional/viewcontent/2023_Trinidad_SubmissionConsentForm.pdf Computer Technology Master's Theses English Animo Repository Information technology Computer security Information storage and retrieval systems—Security systems Information Security |