New Third Party Security Review Process

Posted: Wednesday, June 17, 2020
Category: For Suppliers, Resources, Alert, Featured, Purchasing, Training

The Risk, Policy & Compliance assessment intake form is for Rutgers University faculty and staff interested in engaging with a software and/or a service provider. This form will document and summarize data sharing purpose, data sharing scope, data elements, and technology requirements. Populating this form is a prerequisite to initiate a risk assessment.

It is important to engage information technology professional resources while completing this form; early IT involvement during third-party risk/security assessments often improves risk/security assessment quality and reduces unnecessary delays in the process.

Risk, Policy & Compliance (GRC) uses the provided information to calculate the type of assessment that is required.  The decision is based on the sensitivity of the data and the criticality of the system, which is informed by the Rutgers University Data Classification

To access the intake form, click on the following link.