Choose one of the SOC 3 Reports provided Identify any risks associate with doing business with this vendor. Some potential questions: Is there a secure information security program? Do they protect customer data in transit and at rest? Is there a mature set of policies and procedures? Do they have a security awareness program? Do they have a mature Incident Response program? …. Don’t feel restricted to these questions. Written Assignment In an Executive Summary (1 to 2 double spaced pages) assess the risk associated with the vendor selected. You should point out positive as well as any negative aspects. In the summary specify if you would do business this company and why (supported by your summary). Following the Executive Summary, present the supporting information for the risks, and benefits identified in the Executive Summary. This will be several page, 2 to 3.
