In this third installment in her series for The Privacy Advisor on quality vendor-management programs, K Royal, CIPP/US, CIPP/E, looks at risk management. “When a part of the business is outsourced, the business retains accountability,” Royal writes. “While you can delegate authority, you can't delegate responsibility. Risk management is critical and starts at the moment that a determination is made that something requires spend—be it people or technology.” Royal breaks her report into key issues, including “Early Considerations: A Risk-Based Approach,” “Due Diligence,” “Decisions” and “Ongoing Risk Management” and concludes with two practical tips. If you missed the earlier installments in the series, click here.
If you want to comment on this post, you need to login.