1:00 pm Implementing Vetting Processes & Security Controls for Subcontractors & Vendors to Minimize Third-Party Risk
Time: 1:00 pm
day: Day 2
Details:
- Defining risk tiers for subcontractors and vendors based on access to sensitive data, project systems, or physical jobsite presence
- Establishing a continuous oversight framework, including regular audits, assessments, and monitoring of partner security practices to ensure compliance and proactively address emerging threats
- Incorporating specific clauses and responsibilities into trade contracts to better define security expectations and accountability, mitigating legal and financial risks associated with breaches
