Third-Party and Vendor Management

Vendor Management

Our team develops and counsels clients on vendor management programs and risk management strategies designed to assist companies in assessing, prioritizing and mitigating risk presented by vendors with access to client data or technologies.

Diligence and onboarding. Develop and counsel on vendor diligence assessments, onboarding procedures and vendor risk ratings designed to identify and mitigate privacy and security risks, including development of data mapping exercises to identify and centrally manage the data life cycle across vendors.
Vendor contracts and policies. Develop and counsel on contracting structures and draft contract provisions and privacy and security addenda, including developing and counseling on internal contracting guidelines, requirements and escalation protocols.
Audits. Advise on policies and procedures to audit and assess vendors for privacy and security risks and compliance with applicable laws and contractual obligations.

Other Proactive Services

Risk and Gap Assessments

Preparedness and Testing

Written Policies and Procedures and Data Management

Cybersecurity and Privacy Compliance and Regulatory Examinations

Corporate Governance and Executive Board Advisement

Workforce Education and Training

Transactions, Contracting and Due Diligence

Government Affairs and Advocacy

Other Reactive Services

Incident Response and Internal Investigations

Crisis Management and Communications

Government and Regulatory Investigations and Working With Law Enforcement

Litigation and Class Action Defense