What is the review process followed by your company while choosing SaaS products? Does the security team do an audit of the product - if so how do they evaluate the product?

Applications & PlatformsProcess ManagementStrategy & Architecture
736 views12 Upvotes2 Comments
Enterprise Architect in Finance (non-banking), 10,001+ employees
While it isn't always possible to do a pre-contract review, our security department does work closely with our procurement department to provide this analysis up front. Occasionally though, SasS services have been acquired outside of the standard procurement process.

But even post-contract we do regular reviews, based on three stages: a self-assessment by the vendor, a screening by our security team (we have a dedicated team for screening third parties), and of course independent validation by a proper auditing firm.

The screening we do is based on the publicly exposed information and infrastructure, as well as information provided by the SaaS vendor.

We currently see that as part of a vendor risk management process, which also has other areas in it (such as evaluating the financial maturity of the company, geographical and political risks, etc.)
2
Store Manager in Retail, 10,001+ employees
Yes
Audit the product
Assess its security,
Vendor image in market, and
industry certifications if any.

In order to minimize the investment risk.

Content you might like

Do you trust the data & reports from the big analysts?

Strategy & Architecture

Yes41%

No15%

Sometimes42%


8308 PARTICIPANTS
70k views166 Upvotes58 Comments

What factors do you consider when evaluating job security in a company?

Applications & PlatformsCloudContact Center & Telecom+15 more

Company financial stability56%

Industry trends46%

Length of time in business44%

Recent layoffs or restructuring44%

Employee turnover rate38%

Compensation34%

Culture37%

Blindly following Review sites (eg. GlassDoor)5%

Other(s)2%


361 PARTICIPANTS
4.5k views7 Upvotes3 Comments

Is the following about network architecture and network technologies accurate? In network architecture and network technologies, many vendors are suggesting "Intent-based networking" as the logical next step beyond software-defined network. While the idea behind intent-based networking is not that recent (with indications of this being more than 10 years old) I have yet to find a practical implementation of the idea. Most vendor resources on this also indicate that this is a "roadmap item" rather than already reality. Is intent-based networking currently still slideware, or are there already companies with tangible experience here?

Applications & PlatformsData CenterInfrastructure
Read More Comments
2.6k views8 Upvotes3 Comments

Can anyone recommend a firm to provide enterprise/corporate training that is customized, instructor-led, and class focused on mobile app development using React Native?  Do you have any feedback on the following providers: Knowledgehut, Nobleprog, or Developintelligence?

Peer InsightsProcess ManagementPeople & Leadership
IT Manager in IT Services, 10,001+ employees
You may check with Mercer-Mettl for such trainings
1 Reply
2.1k views9 Upvotes2 Comments

What are 5 Key Insights for Third-Party Risk Management Design and Governance?

Process Management
1.4k views1 Comment