Exam CISM
Question 1085

Which of the following is the MOST effective way to ensure the security of services and solutions delivered by third-party vendors?

    Correct Answer: B

    Performing an audit on vendors' security controls and practices is the most effective way to ensure the security of services and solutions delivered by third-party vendors. Audits are thorough assessments that evaluate the vendors' security posture, identify any vulnerabilities, and ensure they comply with the required security standards and best practices. This approach directly examines the vendors' capabilities and practices, providing a higher level of assurance compared to incorporating risk management into contracts or periodic reviews alone.

Discussion
Booict Option: B

B - Auditing vendors helps evaluate their security posture, identify vulnerabilities, and ensure compliance with organizational standards. The term “audit” is more commonly associated with thorough assessments.

oluchecpoint Option: D

Conduct security reviews on the services and solutions delivered. Not going for option C because you can integrate risk measures and not review.

helg420

Risk management includes monitoring and managing risk.

ssdny Option: D

Is it not D?