Chapter 25

Understanding the Processes Associated with Third-Party Risk Assessment and Management

This chapter covers the following topics related to Objective 5.3 (Explain the processes associated with third-party risk assessment and management) of the CompTIA Security+ SY0-701 certification exam:

This chapter is a comprehensive guide to third-party risk management, focusing on vendor assessment, selection, and ongoing monitoring. It emphasizes the importance of well-defined service-level agreements (SLAs) and covers various assessment methods, such as penetration testing and the right-to-audit clause. The chapter also delves into internal ...

Get CompTIA Security+ SY0-701 Cert Guide now with the O’Reilly learning platform.
