Vendor Audit Services:

In our experience of over 30 years as a vendor managing the most confidential of information we know the pitfalls and vulnerabilities vendors can exhibit. Vendor clients are subject and responsible to Federal and state citations even if it is the vendors who by negligence or criminal behavior have caused an information security breech.

MRE has a vendor audit that will keep your company informed as to the risk, control and vulnerabilities of vendors.

MRE Enterprises Vendor Audit Package

Objective: Help companies assure their vendors are treating personal and sensitive company information according to information security best practices.

Description: Provide a privacy compliance audit on three selected vendors of the organization.

Areas of Review:

  • Information Security

  • Application Security

  • Physical Security

  • Privacy Compliance with Gramm/Leach/Bliley and HIPAA Regulations

Services Provided:

  • Pre-interview questionnaire and audit checklist review with client

  • Review and legal opinion of the selected vendor contracts

  • A one-day interview with each selected vendor organization to identify

  • Types of data collected

  • Information security practices

  • Data storage and transmission practices

  • Employee hiring practices

  • Employee training programs

  • Escalation and breach notification procedures

  • Summary report of findings

  • Review of interviews

  • Level of vendor compliance

  • Follow up action steps

  • Six month action step follow up interviews with each vendor and report to management

For more details click here

 
 
 
         
Copyright 2004, MRE-ENT.com