5 pitfalls of vendor
START
When it comes to cybersecurity, we perform vulnerability, penetration and social engineering testing
and can provide you
with our test records!
We perform testing from time to time; but, unfortunately, we don’t have the results in a format we can share.
FINISH
HOW TO PLAY
NICE VENDORS
NAUGHTY
VENDORS
Click on the route to take to make sure your organization avoids the risky vendors.
Vendors to Avoid
Click on the arrows to chose your path.
Controls
Got it!
Here are our financial statements from the last three years. You’ll find that our numbers are very positive.
We might be able to show you something; but, because we’re a private organization, we don’t allow external audits.
If you look here, you can see we have some contract provisions laid out for termination and details about our exit strategy should we need to end this partnership.
Termination?! But we’re just getting started! Why would we think about exiting the contract at the very beginning of the partnership?
We take business continuity management seriously and have formal plans that we update regularly. They’re also tested and account for business continuity, disaster recovery and pandemic planning.
We have a back-up plan for most incidents, like a power outage or storms, but not for every potential scenario (and they’re not all tested).
As part of your third-party risk management program, you assess vendors to determine whether they’re the right fit for your organization. Some vendors are clearly less risky than others… but do you know the signs?
Help Yeti determine which vendors are a safer bet and which ones to avoid completely!
Let's Go!
How can we make sure our data is secure?
Can I trust your financial stability?
Are we prepared if we need to break out of the relationship?
We’ve had audits/examinations and passed. If anything was noted to address, we’ve been sure to document those requests and make changes in our practices.
We did not pass our most recent audit/examination. We have not put processes in place to address the issues yet.
Are you compliant with regulations?
Uh oh, you chose a vendor that doesn’t have an exit strategy in place up front. This could mean your data may not be protected during transitional periods or your organization could suffer a delay in services!
Oh No!
Your Score: 0
Try Again
Uh oh, you chose a vendor that isn’t compliant with regulations they’re supposed to be following and don’t seem overly concerned to fix that. This could mean issues in their operations that could affect your own.
Oh No!
Your Score: 0
Try Again
Uh oh, you chose a vendor that doesn’t have a comprehensive business continuity plan to cover serious issues such as disaster recovery, pandemic planning or data breaches… all of which could seriously impact your organization!
Oh No!
Your Score: 0
Try Again
Uh oh, you chose a vendor that won’t provide you with evidence and now you’re left in the dark. Their testing is a little suspect as well.
Oh No!
Your Score: 0
Try Again
Uh oh, you may have chosen a vendor with poor financials. With private vendors it’s important you insist on an external audit to ensure accuracy, so you don’t end up with poor service, instability or worse.
Oh No!
Your Score: 0
Try Again
Great job avoiding all the dangerous vendors! You can download our free Quick Guide to 5 Pitfalls of Vendor Risk and learn more details about each risk obstacle presented in this game.
You did it!
Your Score: 0
Play Again
HOW TO PLAY
NICE VENDORS
NAUGHTY
VENDORS
Use your best judgement to avoid the naughty vendors and follow the nice vendors.
Vendors to Avoid
Click on the arrows to choose your path.
Controls
Got it!
You chose a vendor that won’t provide you with evidence and now you’re left in the dark. Their testing is a little suspect as well.
Download Now
Try Again
Download Now
You may have chosen a vendor with poor financials. With private vendors, it’s important you insist on an external audit or at least sufficient information to ensure accuracy so you don’t end up with poor service, instability or worse.
Oh No!
Try Again
Download Now
You chose a vendor that doesn’t have an exit strategy in place up front. This could mean your data may not be protected during transitional periods or your organization could suffer a delay in services!
Oh No!
Try Again
Download Now
You chose a vendor that isn’t compliant with regulations they’re supposed to be following and don’t seem overly concerned to fix that. This could mean issues in their operations that could affect your own.
Oh No!
Try Again
Download Now
You chose a vendor that doesn't do comprehensive business continuity management to cover serious issues related to business continuity, disaster recovery or pandemic planning. If something unexpected happens, your organization could be seriously impacted!
Oh No!
Play Again
Download Now
Hint
Download Now
You can download our free Quick Guide to 5 Pitfalls of Vendor Risk and learn more details about each risk obstacle presented in this game.
Hint!
This view should not appear on mobile devices.
Are you prepared for business-impacting events?
Click to Jump!
You can download our free Quick Guide to 5 Pitfalls of Vendor Risk and learn more details about each risk obstacle presented in this game.
Free Guide
Download Now
