With Richard Ben-Veniste, Rebecca Eisner, Archis Parasharami, Richard Rosenfeld, Jeffrey Taft, Howard W. Waltzman
To ensure the ability to conduct assessments of such vendors and suppliers, a company should use a contract that requires the cooperation of the third party in ongoing security assessments, audits, and incident management, including security breaches.