So, maybe you’ve read my previous blog posts and have spent time developing strong information security and privacy protections to be included in your contracts with relevant business partners, vendors and suppliers.
The question is: when do I require those protections? Certainly not in every contract. That would greatly expand the cost and time of negotiating contracts that, potentially, present no security or privacy risks.
So how do you decide?
That is one of the most common questions I receive from clients. They want a bright line rule to determine when to insist those additional contract protections be included in their third-party contracts and when not to require them.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
