This free document is on Free 3rd Party Information Security Assessment Guideline (Courtesy Cybersecurity Malaysia). Cybersecurity Malaysia has made this great document with authors Nor’azuwa Muhamad Pahri and Noor Aida Idris
Third Party Information Assessment Guideline Includes –
- Pre-Assessment
- Roles & Responsibilities for Organisations
- Develop Assessment Requirements
- Plan and Allocate Resources
- Evaluate 3rd Party Assessor
- Develop Policies and Procedures
- Prepare Documents and Records
- Prepare Non-Disclosure Agreement
- Roles & Responsibilities for 3rd Party Assessors
- Develop Information Security Assessment Plan
- Establish Team Members and Resources
- Conduct Information Gathering
- During Assessment
- Roles & Responsibilities for Organisations
- Ensure Key Personnel are Available
- Hold Meetings
- Roles & Responsibilities for 3rd Party Assessors
- Conduct Assessment
- Ensure Information and System Security
- Produce Progress Report
- Post Assessment
- Roles & Responsibilities for Organisations
- Review Assessment Report
- Develop Remediation Action Plan
- Information Security Requirements
- Roles & Responsibilities for 3rd Party Assessors
- Produce Assessment Report
- Perform Clean-up
View Document
Credit – Cybersecurity Malaysia, an agency under Mosti
Reference Source – click here
