The most effective way for corporate legal teams to comply with privacy and data protection regulations.
Powered by Jordan Lawrence ®
Vendor Risk ServiceSM
Your third-party service providers can be weak links exposing your company to data breaches and privacy violations.
In fact, in as much as 50% of breaches, access through a third party is the entry mechanism for cybercriminals.
Notably, only 6% of respondents for the ACC Foundations: The State of Cybersecurity Report say they have the highest degree of confidence that their third-party vendors protect them from cybersecurity risks.
The increase in third parties processing regulated data and the surge in third-party data protectionviolations and breaches means third-party risk assessments should be a top priority for general counsel.
Do you assess all third-party service providers?
Are your assessments conducted using spreadsheets?
Can you demonstrate effective compliance?
Are you meeting your regulatory obligations?
ACC Vendor Risk Service is the only solution that quickly identifies which third parties requirecomprehensive assessment according to key regulations like the GDPR, 23NYCRR 500, FARs, and others.
Leverage powerful technology to expand the reach and effectiveness of your third-party due diligence efforts.
All our survey standards are based on recognized cyber security standards and designed for fast, accurate responses from your vendors.
LAW FIRM ASSESSMENT
Incorporate the Law Firm Survey standard (based on the ACC Model Controls) to help identify some of your most pressing risks.
Your largest third parties are not your greatest risk. Use the Vendor Risk Profile standard to assess your presumed "low risk" vendors.
World-class question sets based on recognized and reasonable frameworks.
Effective insights and reporting to identify risks and avoid unnecessary incidents.
Fully-automated distribution, reminders and reporting.
Vendors can distribute question sets to internal experts for more accurate and rapid responses.
Flexibility to modify surveys to meet your specific needs.
Documented processes to support your practices when an incident happens.
Preset surveys based on recognized international frameworks.
Preset heat mapping to help streamline your vendor review process.
Support from our professional services team.
For the ACC Vendor Risk Service, recognized frameworks and models have been adapted. The three assessment standards can be easily modified.
The Comprehensive Risk Standard builds directly off the NIST Cyber Security Framework and SP 800-171 standards as well as the intentions of the EU General Data Protection Regulation and other domestic and international requirements.
The Law Firm Standard was created from the ACC Law Firm Cybersecurity Questionnaire and Guide.
Copyright 2017 The Association of Corporate Counsel. All Rights Reserved.