Vendor and SLA audit

Vendor and SLA audit are usually part of internal audit programme. Depending on the framework/controls used by customer and supplier we provide detailed reports on vendor or SLA audit.

Vendor and SLA audit are usually part of internal audit programme. In SEE countries supplier relationships, selection process, performance and compliance are regulated in financial/banking sector.

Depending on the framework/controls used by customer and supplier we provide detailed reports on vendor or SLA audit. Report methodology includes:

  • Obligatory controls from ISO27001
  • Control goals and management practice from COBIT5 APO9 and APO10 processes
  • Vendor management using COBIT5 good practice (includes high level mapping for ITIL v3)
  • NIST/ENISA based cyber processes
  • Other methodologies and frameworks required by customer.