Third party service delivery management Security Audit Checklist
Clause 10.2 ISO 27001
1. Service delivery
• Whether measures are taken to ensure that the security controls, service definitions and delivery levels, included in the third party service delivery agreement, are implemented, operated and maintained by a third party.
2. Monitoring and review of third party services
• Whether the services, reports and records provided by the third party are regularly monitored and reviewed.
• Whether audits are conducted on the above third party services, reports and records at regular intervals.
3. Managing changes to third party services
• Whether changes to provision of services, including maintaining and improving existing information security policies, procedures and controls, are managed.
• Does this take into account the criticality of the business systems and processes involved, and the re-assessment of risks?
This entry was posted on Tuesday, November 24th, 2009 at 3:53 pm and is filed under ISO 27001 checklist.

