IT Examiner School - Oct 2023

First page Table of contents Previous page 181 Next page Last page

Internal Use Only

Evaluating Third-Party (Vendor) Risk Management

1

Internal Use Only

FFIEC Component Rating Areas of Coverage

The adequacy of controls and the ability to monitor controls at service providers;

The adequacy of customer service provided to clients by service providers;

The ability of the service provider to provide and maintain service level performance that meets the requirements of the client.

2

Made with FlippingBook - professional solution for displaying marketing and sales documents online