Agencies with defined vendor risk programs understand that disruption and dislocation are normal. In this case study, we will share how Agencies are:
- Tracking critical business functions and services to identify third-parties supporting the supply chain
- Understanding the risk posture of critical suppliers and take corrective action on a programmatic basis
- Demonstrate compliance and track supplier remediation’s with automated Plan of Action and Milestones (POA&M)
- Stay in frequent communications with suppliers to assess ad-hoc, systemic issues that arise (e.g., the recent SolarWinds issue)