Compliance Training - Does the company maintain a formal program for evaluating the security posture of its vendors?

Set up a formal program to evaluate vendors' security postures.

Define criteria for assessing vendor security, considering industry standards and risks.

Regularly evaluate and review vendor security to ensure compliance and risk mitigation.