The working group has now contributed to defining new control types specifically designed for third party software development that help companies ensure that effective information protection practices are in place. These control types enable firms to apply effective controls to the development practices of third parties.
The whitepaper will be available on the public section of the FS-ISAC website in mid-November. Software development practices have evolved in maturity and use within the industry. Companies in all industries that capture and process customer information have an explicit obligation to apply effective industry standard practices for information protection and there are now three more practices to consider to more effectively manage information security risk when working with 3rd parties.
Sign up for CIO Asia eNewsletters.