Vendor Security Assessment Program

The Information Security Office (ISO) provides a Vendor Security Assessment (VSA) Service for Vendor contracts. This service evaluates Vendor access to UC systems or data classified at Protection Level P3 or P4. Its purpose is to ensure that the Vendor’s security plan effectively safeguards UC systems and data. After the assessment, a report will be provided to the requesting party, including an overall risk rating, identified risks, and recommendations. By conducting these assessments, Units can better manage security risks and make informed decisions regarding Vendor contracts.

Service details

Service category

Quick Links

home buttonreport a security threat buttoncheck system status buttonsearch the knowledge base button