In the previous post, the topic of security breaches was discussed, which led to the introduction of a four-step process necessary to secure a contract management system and to achieve alignment. You’ve completed step one by identifying your company’s access needs. Now we’ll briefly discuss the second step of this important methodology: working with vendors to determine capabilities.
Ultimately, your IT team will be integral in approving a vendor’s security management before signing off on a new contract management solution, but the system must also meet your needs for accessing and sharing information appropriately.
When working with potential vendors, it’s often best to send your thorough list of questions to them in order to allow them the ability to answer in writing. They will also want to involve their IT department or security experts in this process, as well.
There is a wide variety of procedural areas and possible questions to ask potential vendors. These range in topic from risk assessment and identification, vendor security expectations, data disposal and retention, and access review due to terminated employees.
For a complete list of vendor security procedures and processes, please download our complimentary white paper, Assessing security in contract management systems.