NY DFS Vendor Management Requirements

Privva helps banks, insurance companies, and financial firms operating in the state of New York ensure they adequately vet vendor's information security systems per NY DFS Cybersecurity Requirements.

A Third-Party Vendor Risk Management Program is Now Mandatory for Covered Entities

“Each Covered Entity shall implement written policies and procedures designed to ensure the security of Information Systems and Nonpublic Information that are accessible to, or held by, Third Party Service Providers.” SECTION 500.11

Trusted by 10 of the AM Law 100 Firms and their financial clients

Contact us for a no-cost strategy assessment.

Do you have the proper vendor risk management process in place per NYS DFS requirements?

QUESTION ONE

Have you identified and cataloged all of the third party service providers you currently use?

QUESTION TWO

Do you have written policies and procedures designed to ensure security of data held by third party service providers?

QUESTION THREE

Have you set minimum cybersecurity practices required to be met by such third party service providers?

QUESTION FOUR

Do you periodically assess your third party service providers based on the risk they present and continued adequacy of their cybersecurity practices?

READY FOR A DISCUSSION?
 

Schedule a demo and risk management assessment.

© 2020 PRIVVA INC