Development of an evidence-based methodology for identifying third-party risks in information security
- Since the occurrence of cybercrime rises every year, it has become increasingly important for companies to further secure their data and important information. It is not enough to just secure the data inside of the company, by now companies must go one step further. This thesis focuses on a way to develop tools and methods to determine whether company data is secure in the hands of third-parties as well. To do so it is important to understand what different methods are available and reliable enough for the everyday usage. The aim of this thesis is to present an evidence-based methodology to identify third-party risks. To achieve this goal, an analysis of international standards of technology knowledge is conducted. The market is searched for already existing service providers with the intend to find already existing information and templates on the topic. By conducting interviews information and expert knowledge is gathered. The analysis and interviews contribute to the development of a generalized questionnaire which can be used to evaluate third-party risks. A generalized questionnaire that is fit for every third-party working with company data, that can be adjusted if necessary.
Author: | Philipp Schmid |
---|---|
Advisor: | Eva Kirner |
Document Type: | Bachelor Thesis |
Language: | English |
Year of Completion: | 2022 |
Granting Institution: | Hochschule Furtwangen |
Date of final exam: | 2022/06/30 |
Release Date: | 2022/07/04 |
Tag: | Information security; Third-party risk management |
Page Number: | 130 |
Degree Program: | IBM - International Business Management |
Functional area: | Production, Operations and Supply Chain Management |
Licence (German): | Urheberrechtlich geschützt |