Third-Party and Vendor Management
Our team develops and counsels clients on vendor management programs and risk management strategies designed to assist companies in assessing, prioritizing and mitigating risk presented by vendors with access to client data or technologies.
- Diligence and onboarding. Develop and counsel on vendor diligence assessments, onboarding procedures and vendor risk ratings designed to identify and mitigate privacy and security risks, including development of data mapping exercises to identify and centrally manage the data life cycle across vendors.
- Vendor contracts and policies. Develop and counsel on contracting structures and draft contract provisions and privacy and security addenda, including developing and counseling on internal contracting guidelines, requirements and escalation protocols.
- Audits. Advise on policies and procedures to audit and assess vendors for privacy and security risks and compliance with applicable laws and contractual obligations.