1. Whose job is it to assess vendor risk fundamentals?
Company decision-makers must assess their risks before outsourcing with meticulous review of the providers’ people, policies and technology. Before vendor discussions begin, you should have a clear sense of how and where data flows, regulatory considerations, data protection and recovery plans.