The increasing proliferation of digital transactions and documents, along with the accelerating reliance on cloud based service provisioning makes it important for organizations to:

• Identify and assess an organization’s exposure to systemic and idiosyncratic risks from external supply chain arrangements

• Identify, detect and quantify the impact of probable threats arising from third party arrangements in relation to the organization’s risk appetite and risk tolerances

• Classify the information resources relevant to these third party arrangement, assess the adequacy of key controls which protect the organization from threats, or allow the organization to effectively respond and recover from threats to its information resources and its mission-critical operational processes.