What is Abriska 27036?
The purpose of Abriska 27036 is to help improve the effectiveness and efficiency of supplier information security due diligence process. This is achieved by providing the user with the capacity to tailor questions set and ask more in-depth questions of suppliers who have access to more sensitive or critical information.
One of Abriska 27036’s attributes is its ability to precisely target the information needed from third parties in order to better determine what risks they pose/ present to an organisation.
What Type of Organisation is Abriska 27036 Particularly Suited to?
Abriska 27036 is presented as an ideal Web-based tool for any organisation which has a range of suppliers, some of which have direct or indirect access to its information and information systems, and any organisation which is looking to improve both the effectiveness and efficiency of its supplier due diligence processes.
One of Abriska 27036’s attributes is its ability to precisely target the information needed from third parties in order to better determine what risks they pose/ present to an organisation.
How Does it Treat Risks?
- Risks are treated and tracked in line with the organisation’s risk acceptance criteria. Most red risks are not acceptable and must be treated in all organisations.
- Risk actions are then created against the supplier; this could result in an action for the supplier to implement or improve an information security control, e.g. technical, people or policy/process based.