Third-Party Cyber Risk Management Maturity Quiz

  • Do you have an established third-party cyber risk management strategy?

  • Do you have staff dedicated to third-party cyber risk management?

  • What technology is leveraged to manage your third-party process today?

  • What types of third parties are you tracking?

  • What criteria is used to risk rank third parties today?

  • How do you currently assess your third parties?

  • How frequently are you assessing your most critical third parties?

  • What percentage of your third parties are subject to an independent assessment (e.g., conducted or validated by an entity that is separate from the assessee)?

  • Which residual risks have a documented mitigation plan?

  • Under which circumstances are you notified of changes to a third party’s risk posture?

  • How do you respond when your company is being assessed by up-stream partners (i.e., you are the third party)?

  • Thank you for submitting your questionnaire! Please fill the form below to see your scores: