SY0-701 - Security Program Management and Oversight - Section 5.3

Explain the processes associated with third-party risk assessment and management.

Describe how vendor assessments and ongoing vendor monitoring reduce supply chain risk introduced by third-party relationships, and explain the role of SLAs and MOUs in formalising security expectations. Recognise why a right-to-audit clause is a critical contractual safeguard, enabling an organisation to verify vendor security posture independently rather than relying solely on self-reported attestations.

vendor assessment, supply chain risk, SLA and MOU, right-to-audit, vendor monitoring

Examworthy is not affiliated with or endorsed by CompTIA. Original, blueprint-aligned practice material only.