Bold, NEW cyber due diligence service helps law department leaders ensure a sound process for identifying and mitigating third-party risks.
Powered by Jordan Lawrence ®
Vendor Risk ServiceSM
Your vendors are now prime targets for data breaches and small vendors can provide easy access for hackers.
In fact, in as much as 50% of breaches, access through a third party is the entry mechanism for cybercriminals.
Notably, only 7% of respondents for the ACC Foundations: The State of Cybersecurity Report say they have the highest degree of confidence that their third-party vendors protect them from cybersecurity risks.
Even cleaning crews, HVAC vendors, and food distributors, to a name a few, can all create exposure
that could lead to a data breach, but are often overlooked in the vendor diligence process.
Do you have an assessment of all your vendors?
Do you have the correct assessments from the right sources?
Do you spend too much time on third-party due diligence assessments?
Do you have the right documentation?
Are you keeping up with increasing regulations?
ACC Vendor Risk Service (VRS) is a powerful, cloud-based service that automates the
third-party diligence process, saving companies time and money, while increasing their bandwidth.
Your IT and procurement teams will love the tremendous efficiency VRS delivers and your
executive team and directors will appreciate VRS's effectiveness.
Leverage powerful technology to expand the reach and effectiveness of your vendor due diligence efforts.
All our survey standards are based on recognized cyber security standards and designed for fast, accurate responses from your vendors.
LAW FIRM ASSESSMENT
Incorporate the Law Firm Survey standard (based on the ACC Model Controls) to help identify some of your most pressing risks.
Your largest vendors are not your greatest risk. Use the Vendor Risk Profile standard to assess your presumed "low risk" vendors.
World-class question sets based on recognized and reasonable frameworks.
Effective insights and reporting to identify risks and avoid unnecessary incidents.
Fully-automated distribution, reminders and reporting.
Vendors can distribute question sets to internal experts for more accurate and rapid responses.
Flexibility to modify surveys to meet your specific needs.
Documented processes to support your practices when an incident happens.
Preset surveys based on recognized international frameworks.
Preset heat mapping to help streamline your vendor review process.
Support from our professional services team.
For the ACC Vendor Risk Service, recognized frameworks and models have been adapted. The three assessment standards can be easily modified.
The Comprehensive Risk Standard builds directly off the NIST Cyber Security Framework and SP 800-171 standards as well as the intentions of the EU General Data Protection Regulation and other domestic and international requirements.
The Law Firm Standard was created from the ACC Law Firm Cybersecurity Questionnaire and Guide.
Copyright 2017 The Association of Corporate Counsel. All Rights Reserved.