Whistic Upgrades to SIG 2021

November 24, 2020

2020 has brought unique risk challenges that have significantly shifted the focus of risk managers. New operational risks emerged with the pandemic, with major shifts to work from home security and service availability issues, vendor stability, and socioeconomic uncertainty. The 2021 Standardized Information Gathering (SIG) Questionnaire Tool responds to these challenges with expanded content and controls around resilience, privacy, data governance, data loss, and remote risk.

The SIG employs a holistic set of industry best practices for gathering and assessing 18 critical risk domains and corresponding controls, including information technology, cybersecurity, privacy, resiliency, and data security risks. These Tools serve as the “trust” component for outsourcers who wish to use industry-vetted questions to obtain succinct, scoped initial assessment information on a service provider’s controls. The SIG is also used proactively by service providers to reduce initial assessment duplication and assessment fatigue through proactively supplying their own pre-completed Response SIGs to outsourcers.

“We commend Whistic for its ongoing participation in our community of third-party risk practitioners working to create assurance in vendor relationships,” said Catherine A. Allen, Chairman & CEO, The Santa Fe Group. “By adopting and contributing to the Shared Assessments standard, Whistic is creating standard assessments that are reliable, relevant and efficient.”

You can read more about the different components of the 2021 SIG Toolkit here.

 

See your full security picture with Whistic. Automate your program, assess vendors easily, and start using security to your advantage. Learn more.

vendor security vendor risk management standards sig security assessments

About the author

Whistic
Whistic

The latest insights and updates on information security and third party risk management.

Still need our help? Our support team is waiting to help you.