News and Updates

The First 3 Steps Organizations Should Complete Before Assessing a Single Vendor

Vendor risk management is becoming standard operating procedure across many organizations as client and/or regulatory pressure is increasing. A key to success is to simplify the security assessment process through iterations so it is sustainable. Taking a step back to understand your organization’s perspective before rushing to execute this requirement can go a long way. 1. Thoroughly research content options. Before sitting down to develop an assessment, research some of the options that already exist. There are numerous organizations who develop agnostic and/or industry focused assessment content. While some of this content is pay per use or licensed for non-commercial use only, it can

HECVAT now available on Privva's Award Winning Platform

Privva is excited to announce we are now offering The Higher Education Cloud Vendor Assessment Tool (HECVAT) on our platform. This content is helping Higher Education institutions simplify the process of assessing their vendors. The HECVAT was created by the Higher Education Information Security Council (HEISC) Shared Assessments Working Group, in collaboration with Internet2 and REN-ISAC. The Higher Education Cloud Vendor Assessment Tool (HECVAT) attempts to generalize higher education information security and data protection questions and issues regarding cloud services for consistency and ease of use. You can freely use either version of the tool -- the original robust version or the li