I am trying to write a vendor management policy to our Bank to following when choosing a vendor. What specific information should be included in the policy? What should we be looking at?
Thanks,
Posted By: avpbsa
Re: Vendor Management - 09/11/08 06:44 PM
reminder to look at financials, their ability to be a viable entity in the next few years, a review of SAS 70 and the items the vendor would not be liable for
Posted By: Hershey1
Re: Vendor Management - 09/16/08 08:53 PM
I always look for specifics in the vendor agreement on their responsibilities if they encountered a security breach (if they maintain confidential information). And, if they provide a critical service, some time of assurance in the same agreement that they have disaster recovery or redundancy services for the relationship.