Configuring relationship context
Configuring relationship context
The context of a relationship defines the threat surface of the partnership with your third party. By selecting the context, you outline the circumstances for working with a vendor.
The context determines the inherent risk of the relationship, and informs the scope of the assessment. By The business case and data types determine the controls we're looking to satisfy to maintain a secure relationship. VISO TRUST comprehensively evaluates your vendor based on your unique partnership.
What is context?
Context is defined by 2 aspects...
- Think of business case as the circumstances of the partnership. Business cases inform the threat surface and the security controls required to reduce risk for that threat surface.
- Think of data types as the information you're sharing within the partnership. Different kinds of data can contain information tied to your organization and its employees. Data can also contain information about your customers and their organizations. Data types inform the threat surface and sensitive data may bring additional security controls into scope for evaluation.
First, select the context
- For any new relationship, you can click "Add context" in the banner the top of the page (see below.)
At any time, you can update context in the relationship under the "Context" header on the relationship detail view.
- Choose the appropriate business case(s) for the relationship. When in doubt, double check the descriptions for more information about the business case.
- Choose the appropriate data types for the relationship. When in doubt, hover over an option. A description will present more information
- Finally, choose the customer data types for this relationship. This is your opportunity to share any customer data that you'll be sharing with the vendor.
