Third-Party Risk Discovery/Assessment

Third-party risk management discovery and assessing activities provide an objective analysis of vendor administrative, technical, and logical controls. SQ-Risk can assess the third-party to align with business requirements, regulatory guidance, and other industry best practices. SQ Risk offers impartial subject matter expertise, to evaluate the third-parties processes to align with the requirements of the customer’s TPRM program.

Assessment activities may include:

  • Information Gathering
  • Third-Party Controls Evaluation
  • Offsite/Onsite Performance and Controls Validation
  • Risk Reporting and Mitigation Tracking

In addition, SQ Risk is a member of the Shared Assessments Program and leverages applicable assessment tools and resources. These tools align with standards such as National Institute of Standards and Technology (NIST), the Federal Financial Institutions Examination Council (FFIEC) and the International Standards Organization (ISO), and other regulations and guidelines, such as: OCC Bulletin 2013-29, and Payment Card Industry (PCI).