As part of our Assess service line, the Third Party Security Assessment (TPSA) methodology ensures organisations can assess the maturity of third parties, identifying key risks and documenting prioritised recommendations to help manage or mitigate information, cyber or privacy risks.
Whether these are potential acquisitions, a new supplier or within an existing supplier landscape, the TPSA methodology provides a framework to give you visibility across your supply chain.
We work with you to understand your business services and assets, and importantly how you interact with your customers and third parties.
Then, utilising an approach similar to our Cyber Security Posture Review, we measure third party maturity against the National Cyber Security Centre’s 10 Steps to Cyber Security, providing an end-to-end view of control maturity. Through a combination of questionnaires, interviews and follow-ups we assess third party maturity, identifying risks and providing contextualised, actionable recommendations.
This approach ensures you understand the maturity of your third parties, having either agreed remediation plans in place with them, or implementing your own compensating controls.
The Third Party Security Assessment methodology provides a framework against which you can continually assure your third parties. We will work with you to embed this into your business.