SY0-601 Exam QuestionsBrowse all questions from this exam

SY0-601 Exam - Question 470


A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

Show Answer
Correct Answer: B

A Service Level Agreement (SLA) is a contractual agreement between a company and a third-party supplier that outlines the level of service the supplier is expected to provide, which can include specific requirements such as self-reporting data breaches within a certain timeframe. MOUs, EOLs, and NDAs do not generally cover service levels or breach reporting in the same way.

Discussion

8 comments
Sign in to comment
ApplebeesWaiter1122Option: B
May 15, 2023

The company policy requiring third-party suppliers to self-report data breaches within a specific time frame is an example of compliance with an SLA (Service Level Agreement).

Ghost6333525Option: B
Jan 3, 2024

TIME= SLA

MalkhofashOption: B
Dec 30, 2023

SLA is the answer

PesosOption: B
Apr 9, 2024

Business to user = MOU. Business to business = SLA

mouettespaghettiOption: B
May 2, 2023

-B is correct The company policy requiring third-party suppliers to self-report data breaches within a specific time frame is an example of a third-party risk management policy that complies with an SLA (Service Level Agreement), as shown in option B. An SLA is an agreement between a service provider and a customer that outlines the level of service that will be provided, as well as any specific requirements or expectations. In the context of third-party risk management, an SLA may include specific requirements related to data security, such as the requirement for third-party suppliers to self-report data breaches within a certain time frame.

if10wOption: B
May 4, 2023

>>>B<<<< >>"SLA" (Service Level Agreement) <<< The company policy is complying with the "SLA" (Service Level Agreement) third-party risk management policy. An SLA is a contractual agreement between a company and a third-party supplier that outlines the level of service that the supplier is expected to provide. In this case, the SLA requires the third-party supplier to self-report data breaches within a specific time frame. This helps to ensure that the supplier is meeting the company's security requirements and that any breaches are identified and addressed in a timely manner. The other options (MOU, EOL, and NDA) are not directly related to third-party risk management policies.

GamsjeOption: B
Jul 18, 2023

B. SLA

qacollinOption: B
Jul 21, 2024

Every time I see “third party” involved it’s SLA