⭐ Repository → 💼 SOC 2 → 💼 CC3 Risk Assessment → 💼 CC3.2 The entity identifies risks to the achievement of its objectives\ \ across the entity and analyzes risks as a basis for determining how the\ \ risks should be managed.
💼 CC3.2-8 Analyzes Threats and Vulnerabilities From Vendors, Business Partners, and Other Parties
- ID:
/frameworks/soc-2/cc3/02/08
Description
The entity's risk assessment process includes the analysis of potential threats and vulnerabilities arising from vendors providing goods and services, as well as threats and vulnerabilities arising from business partners, customers, and others with access to the entity's information systems.
Similar
- Internal
- ID:
dec-c-70ddc410
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|