Third Party Risk Assessment
POLICY AND STANDARDS
Is your company UK or EU based (i.e. all servers/ staff sit within the EU and are therefore under EU GDPR legislation).
Do you have an ISO27001 certification or another form of information security accreditation (e.g. A GDPR compliant certificate, PCI DSS, ISO22301/BS2599, COBIT)
Do you have written information security, data protection and confidentiality policies that outline your overall policy framework?
DATA PROTECTION AND PRIVACY
Do you have a DPO in place?
Do you maintain a record of your data processing activities in line with the requirements of the General Data Protection Regulation including DPO details; Processing purpose; Data types; Sharing details; International transfers; Retention periods?
Will you need to/ be required to access personal data/ confidential information belonging to our organization? e.g. staff; customer data; confidential business information.
INFORMATION SECURITY AND RISK MANAGEMENT
Do you have a policy and process for secure disposal of both IT equipment and media?
Will our organisation be able to manage who has access to the service (our organization´s staff)?
Do you have an encryption policy which covers data encryption in transit and at rest?
Do you undertake security testing and audits such as penetration testing and internal and external vulnerability scanning?
Do you have a Security/ Breach Incident Management Policy and Procedure in place?
Do you have a Business Continuity Policy in place?
You are based in Ireland, and run services on the North American GCP. Could you please confirm your view as to whether this means that data transfers outside of the EU?
What data do we work with?
Where is the metadata stored?
How is my metadata kept secured?
Is my metadata secure during transit?
Who has access to my metadata?
How is metadata accessed via Google API?
Want to know more?
Contact GAT Labs today for a free trial or a live demonstration of all our products’ features.
It has never been easier to do more, see more and protect more, wherever your Google Workspace and Chrome users are in the world.