📄
Content Library
  • Uncanny Software
  • Blog Posts
    • Using 1Password to share local secrets
    • How I Maintain OSS Projects
    • A Style Guide For HTML & CSS
    • The Reddit blackout is a lesson in risk management
  • Developer Documentation
    • Balena Push
    • Card Dealer
    • A Guide to Story Point Estimation
    • Guidelines for Translating Your Project using i18next
  • InfoSec Policies
    • Access Control Policy
    • Information Classification Policy
    • Password Management Policy
    • Physical Security Policy
    • Business Continuity Policy
    • Information Security Policy
    • Data Classification Standard
    • System Change Management Policy
    • Vendor Management Policy
    • Removable Media
    • Mobile Device Policy
    • Vulnerability Scanning Policy
    • Media Disposal Policy
    • System Hardening Policy
    • Encryption Policy
    • Intellectual Property Policy
  • Management
    • finops
    • information-technology
    • Operations
    • People Management
    • Program Scaling
Powered by GitBook
On this page
  • Purpose
  • Scope
  • Policy
  • Third-Party Vendor Risk Assessment
  • Addressing Violations or lack of requirements
  • Violations
  • Definitions
  • References
  • Related Documents
  • Revision History
  1. InfoSec Policies

Vendor Management Policy

Purpose

The intent of this policy is to ensure that Third-Party Vendors which Uncanny Software engages with undergo review and oversight to mitigate dependency risks to the business.

Scope

This policy applies to all engagements with third parties entities which Uncanny Software exchanges Sensitive, Confidential, or Private data.

Policy

Third-Party Vendor Risk Assessment

  • Information Risk Assessment - Assess the information risk (confidentiality, integrity, availability, and privacy) associated with the service outsourced by interviewing key Uncanny Software business owners and internal stakeholders;

Addressing Violations or lack of requirements

Violations

Definitions

References

Related Documents

Revision History

Last updated 1 year ago

Data Classification Standard
Document history via Github