AHECS Third Party Risk Assessment (BitSight sector offer)

A key element of a cybersecurity defence is a thorough risk assessment and treatment process. Third-party risks which occur along the supply chain can be particularly damaging to organisations, and as such, AHECS has identified an opportunity for a sector offering, which has many associated benefits (in addition to improved security, there are resource and financial savings).

The third party risk assessment sector offering aims to:

• Provide third party risk assessments to enable institutions to assess the risks of vendor offerings and solutions, protecting the AHECS Partners, institutions and vendors.
• Provide efficiencies for institutions and vendors through one third party risk assessment administered and maintained by AHECS.
• Ensure the third party risk assessments have appropriate security and access controls.
• Provide an external view of all vendors to validate the assessment.

Through this offer, CAUDIT Members are able to:

• participate in ongoing cybersecurity benchmarking activity and access to aggregated and anonymised summary reports and graphs (for participating institutions)
• have visibility of third party risk assessments for vendors within the system.
• Unlimited BitSight user accounts
• Technical and training support

This offer is a collaboration between the Canadian universities (CUCCIO), and the Australasian higher education and research sector (CAUDIT).

If you have any questions about this BitSight sector offer, please contact Nikki Peever or Andrew Nolan.

More information is available here: https://caudit.edu.au/resources/bitsightintro/