NLNB Vendor Security Compliance Reviews

NLNB Vendor Security Compliance Reviews Team 9

Contents • Current Status • Scope, Time, and Cost Estimates • Recorded Issues • Next Steps • Conclusion • Q&A

Current Status • Initiating and planning phases completed • Conducting Executing Phase • Last month’s Progress • 17 Onsite Reviews (OSSR) completed • 9 Conference Call Reviews (CCSR) completed • Cost to NLNB = $68,500 • Cumulative Progress • 105 of 200 OSSRs Completed • 45 of 100 CCSRs Completed • Cost to NLNB = $412,500

Scope, Time, and Cost Estimates • Scope • Thorough reviews conducted • Vendors showing quality Data Security • Time • Minor delays offset by gradually perfecting process • OSSRs totals ahead of schedule • CCSRs behind schedule • Cost • Initial cost estimates met

Recorded Issues and Solutions • Lack of vendor response • Vendor XYZ submitted questionnaire late • Solution: Issuing reminders to vendors • Vendor Security Breach post-review • Solution: Additions to reviews have been made in response to this event • Vendor ABC issued poor security grade • Issues with Data Security Policy • Solution: Team 9 resources being used to upgrade Vendor ABC security policies

Next Steps • To be completed by the end of this fiscal year • 150 VSCRs • 95 OSSRs • 55 CCSRs • Next Meeting • Currently scheduled for September 2, 2013 • Michael Schiavone, Project Manager, and Sarah Roberts, Lead Senior Data Security Analyst will be in attendance

Conclusion • Project is on-time, on-budget and within the set scope • 105 of 200 OSSRs Completed • 45 of 100 CCSRs Completed • Cost to NLNB = $412,500 • Issues have been resolved with minimal delay to project • Set to be completed within 3 year timetable • Issues have led to review enhancements • Majority of vendors showing quality Data Security measures • 95% of vendors have met review standards

Questions?

NLNB Vendor Security Compliance Reviews