💼 CC9 Risk Mitigation

• Contextual name: 💼 CC9 Risk Mitigation
• ID: /frameworks/soc-2/cc9
• Located in: 💼 SOC 2

Description

Empty...

Similar

• Internal
  • ID: dec-b-d12dc6cc

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CC9.1 The entity identifies, selects, and develops risk mitigation activities for risks arising from potential business disruptions.	2
💼 CC9.1-1 Considers Mitigation of Risks of Business Disruption
💼 CC9.1-2 Considers the Use of Insurance to Mitigate Financial Impact Risks
💼 CC9.2 The entity assesses and manages risks associated with vendors and business partners.	13
💼 CC9.2-1 Establishes Requirements for Vendor and Business Partner Engagements
💼 CC9.2-2 Identifies Vulnerabilities
💼 CC9.2-3 Assesses Vendor and Business Partner Risks
💼 CC9.2-4 Assigns Responsibility and Accountability for Managing Vendors and Business Partners
💼 CC9.2-5 Establishes Communication Protocols for Vendors and Business Partners
💼 CC9.2-6 Establishes Exception Handling Procedures From Vendors and Business Partners
💼 CC9.2-7 Assesses Vendor and Business Partner Performance
💼 CC9.2-8 Implements Procedures for Addressing Issues Identified During Vendor and Business Partner Assessments
💼 CC9.2-9 Implements Procedures for Terminating Vendor and Business Partner Relationships
💼 CC9.2-10 Obtains Confidentiality Commitments from Vendors and Business Partners
💼 CC9.2-11 Assesses Compliance With Confidentiality Commitments of Vendors and Business Partners
💼 CC9.2-12 Obtains Privacy Commitments from Vendors and Business Partners
💼 CC9.2-13 Assesses Compliance with Privacy Commitments of Vendors and Business Partners