Vendor Risk Management

INTRODUCTION

In today's business environment, outsourcing plays an essential role, allowing organizations to have access to all types of services, from simple information storage services to complex data processing services.

There is no doubt that outsourcing allows organizations to focus their efforts on their core business by obtaining the supplier's expertise and technology without having to invest in its development and maintenance.

However, there are many cases in which an organization is affected by incidents at its suppliers, whether information security, privacy or continuity incidents. Outsourcing therefore entails the responsibility of managing the risks associated with the outsourced services, which is complex because the organization has less direct control over the supplier's risks, assets and operations (connectivity, platforms, technology, data accessed, personnel, location, subcontracting, etc.).

As a solution for controlling these risks, BDO proposes a Vendor Risk Management (hereinafter VRM) model for information security, privacy and business continuity that identifies, categorizes, assesses, monitors and manages the security, privacy and continuity risks of outsourcing throughout the supplier's life cycle (evaluation of the service to be outsourced, risk assessment of proposed suppliers, establishment of the contract, provision of the service and return of the service).

Each entity has its own particularities and types of suppliers, so the VRM model must be adapted to the specific circumstances of the entity. BDO provides support in all phases of the model: its definition and implementation (methodology, model, analysis and valuation of services and suppliers), its maintenance (risk management of existing and new suppliers) and its application in VRM tools (selection of the tool and populating it with data).

At BDO we believe that outsourcing services offers entities a great number of advantages, which can be realized as long as the associated risks are adequately controlled to protect the entity and its clients.


OUR SERVICES

Model definition and implementation

  • Definition of methodology and model.
  • Identification of existing services and suppliers.
  • Categorization of existing supplier services.
  • Valuation of existing suppliers.
  • Audit of existing suppliers.

Model maintenance

  • Model management support.
  • Categorization of new suppliers.
  • Valuation of new suppliers and re-evaluation of existing suppliers.
  • Audit of new suppliers and re-evaluation of existing suppliers.

Evaluation and GAP analysis of the existing VRM model

  • Evaluation and GAP analysis of the existing VRM model.
  • Updating and improvement of the existing model.

Model support in VRM tools

  • Tool selection support.
  • Adaptation of methodology to tool capabilities.
  • Support in populating the tool.

REFERENCE ORGANIZATIONS

ISACA, ISMS FORUM, Instituto de Auditores Internos, ENISA