Supply Chain Security Reviews
Recent security breaches have highlighted the continued importance of managing the security of your supply chain. Lots of organisations have complex supply chains and therefore prioritising and managing assessments is challenging and resource intensive.
Our team of security experts are able to carry out these reviews on your behalf to provide you with visibility and assurance over your supply chain security arrangements.
What Does The Review Cover?
The supplier review is tailored to individual client needs based on good practice from standards such as ISO 27001. Typically, a review will include the following aspects of the supplier:
- Physical security at the supplier premises
- Employee security measures
- Security of your data stored and transmitted by the supplier
- Retention, return or destruction of your data
- Compliance with GDPR if personal data is processed
- User access to systems containing your data
- Technical security testing performed by the supplier
- Supplier security incident management
- Supply chain security management
Our Approach to Security Supplier Reviews
If you have just started looking at supply chain security, our consultants can work with you to prioritise your suppliers according to risk and develop a programme of reviews to meet your business needs. The scope of each review can be tailored to the specific risks each supplier presents and could range from basic supplier questionnaires through to full on-site audits.
If your organisation already has a developed supply chain security management programme you can use our consultants to undertake the reviews on your behalf.
The standard output of each supplier review will be a formal report outlining any security issues we have identified along with practical recommendations for both you and your supplier.