Your guide to third-party due diligence and GDPR compliance
Securing the data supply chain can be a challenge. Under the General Data Protection Regulation (GDPR), data controllers are liable not just for their own compliance, but also for that of third-party processors.
Contracts and questionnaires, while useful components of any due diligence process, are necessarily limited. Auditing third-party processors is the most effective way to ensure ongoing compliance.
Download this paper in order to meet the GDPR’s requirements for third-party risk management and:
- Find out why contracts and questionnaires offer limited assurance.
- Understand the auditing process; and
- Learn what to look for in a third-party audit provider.