Pay attention to third party risk management

If the company will have access to regulated information such as customer or employee personal data or proprietary company information, due diligence will include a detailed assessment of their information security controls, environment, policies and practices. More...