By ProcessBolt | April 30, 2019
The vendor security requirements for 23 NYCRR 500 Section 500.11 went into effect two years ago. Beginning March 1, 2019, financial services companies, banks and insurance companies operating in the state of New York must have written policies and procedures to ensure that their vendors’ and third-party partners’ information security systems are properly vetted.
Some of the key requirements of this regulation are documented Policies and Procedures related to:
This regulation requires companies to implement policies and procedures, and contractual protections to assess the cybersecurity practices of their third-party vendors. The regulation applies to all vendors for financial institutions operating in New York.
Automate Your Vendor Security Requirements
ProcessBolt enables your organization to evaluate vendor risk based on any criteria, including access to critical information, policy requirements, security requirements and prospective operational impacts (business continuity, reputation, revenue, regulatory). Our state-of-the-art assessment designer allows you to formulate a world-class vendor assessment framework based on your needs and your organizational context. The platform gives you the flexibility to use your existing assessment framework or utilize an industry standard framework.
In addition, our highly experienced services team can help you develop an effective policy and procedure framework that assists in compliance with applicable regulations.
Our solutions can help you:
To learn more about how we can help you achieve compliance, contact us.