We work with many organisations where the need to carry out security due diligence reviews seems to grow year on year. Most organisations are required by law, regulations, contracts or due to market pressure to have established policies and controls that support the privacy and security of sensitive information. At certain key points during business operations, the adequacy of these policies and controls needs to be checked.
When you are taking on new suppliers, planning joint ventures or considering acquisitions, you need to be fully aware of the other party’s security capabilities and that they are working to the security standards that you require of them. Likewise, your customers and partners need to know you are managing your security obligations in relation to their data and that agreed measures are in place to protect shared information.