Third-Party Cyber Risk Management Maturity Quiz

  • Do you have an established third-party cyber risk management strategy?

  • Do you have staff dedicated to third-party cyber risk management?

  • What technology is leveraged to manage your third-party process today?

  • What types of third parties are you tracking?

  • What criteria is used to risk rank third parties today?

  • How do you currently assess your third parties?

  • How frequently are you assessing your most critical third parties?

  • What percentage of your third parties are subject to an independent assessment (e.g., conducted or validated by an entity that is separate from the assessee)?

  • Which residual risks have a documented mitigation plan?

  • Under which circumstances are you notified of changes to a third party’s risk posture?

  • How do you respond when your company is being assessed by up-stream partners (i.e., you are the third party)?

  • Thank you for submitting your questionnaire! Please fill the form below to see your scores:

YOUR SCORE IS IN THE BOTTOM THIRD OF THE PARTICIPANTS AND INDICATES YOUR PROGRAM IS: BASIC

Your third-party cyber risk management program is just getting off the ground. It is most likely spreadsheet based, ad-hoc and has much room for improvement. You have a high risk of exposure from your third parties.

Work on your program maturity with a copy of our eBook, "Mitigate Third-Party Cyber Risk Exposure"

Download Now

YOUR SCORE IS IN THE MIDDLE THIRD OF THE PARTICIPANTS AND INDICATES YOUR PROGRAM IS: EMERGING

Your third-party cyber risk management program is improving. You are driving automation in some areas, but most tasks are still manual. You likely have little visibility into the risk from your entire third-party ecosystem, are still using "shared spreadsheets" and are not correlating threat intelligence to weak controls. You have medium risk of exposure from your third parties.

Work on your program maturity with a copy of our eBook, "Mitigate Third-Party Cyber Risk Exposure"

Download Now

YOUR SCORE IS IN THE TOP THIRD OF THE PARTICIPANTS AND INDICATES YOUR PROGRAM IS: OPTIMIZED

Congratulations! Your third party cyber risk management program is in the top third of programs. You are leveraging technology to automate many of the functions and have visibility into the risk from your entire third party ecosystem. You are not using "shared spreadsheets" and are correlating threat intelligence to weak controls. You have a low risk of exposure from your third parties.

Work on your program maturity with a copy of our eBook, "Mitigate Third-Party Cyber Risk Exposure"

Download Now

Oops! An error occurred, please try again later.