What is the most important document to conduct your risk assessment of your Saas Third Party for one of your critical services ?

ISO-27001 certificate42%

ISO-27017 Certificate45%

ISO-27018 Certificate33%

SOC 2 Type 2 Report24%

Consensus Assessments Initiative Questionnaire from Cloud Security Alliance (CSA) Level 1 or Level 210%

Answers to security questions you sent despite the fact that the third party may have certifications or independent security audit reports.6%

106 PARTICIPANTS
1.7k viewscircle icon1 Upvotecircle icon1 Comment
Sort by:
Senior Information Security Manager in Software2 years ago

Most important doc is the corporate risk assessment worksheet or workbook. It’s customized to focus on the risk the firm cares about.

Content you might like

What is the best work travel advice you’ve ever been given?

Read More Comments

Seeking advice on integrating embedded AI agents into Workday/SAP/etc. How do you handle integration across HRIS, ATS, and LMS? Do you rely on vendor-native tools or build your own in-house registries?

This is a test poll from Harsh

Choice 142%

Choice 250%

Choice 38%

Choice 4

View Results

Which is your preferred Cloud Platform?

AWS45%

Azure61%

GCP17%

None2%

View Results

How necessary do you think it is for IT to involve HR in AI discussions? How do you start these conversations while establishing clear responsibilities?