Volltext-Downloads (blau) und Frontdoor-Views (grau)

Development of an evidence-based methodology for identifying third-party risks in information security

  • Since the occurrence of cybercrime rises every year, it has become increasingly important for companies to further secure their data and important information. It is not enough to just secure the data inside of the company, by now companies must go one step further. This thesis focuses on a way to develop tools and methods to determine whether company data is secure in the hands of third-parties as well. To do so it is important to understand what different methods are available and reliable enough for the everyday usage. The aim of this thesis is to present an evidence-based methodology to identify third-party risks. To achieve this goal, an analysis of international standards of technology knowledge is conducted. The market is searched for already existing service providers with the intend to find already existing information and templates on the topic. By conducting interviews information and expert knowledge is gathered. The analysis and interviews contribute to the development of a generalized questionnaire which can be used to evaluate third-party risks. A generalized questionnaire that is fit for every third-party working with company data, that can be adjusted if necessary.

Export metadata

Additional Services

Search Google Scholar


Author:Philipp Schmid
Advisor:Eva Kirner
Document Type:Bachelor Thesis
Year of Completion:2022
Granting Institution:Hochschule Furtwangen
Date of final exam:2022/06/30
Release Date:2022/07/04
Tag:Information security; Third-party risk management
Page Number:130
Degree Program:IBM - International Business Management
Functional area:Production, Operations and Supply Chain Management
Licence (German):License LogoUrheberrechtlich gesch├╝tzt