0

Doug’s accountabilities

As a Service Owner, Doug is required to undertake a number of due diligence activities when engaging third party suppliers, as per the:

  • Supplier Governance Framework.
  • Sourcing Process.
  • Supplier Risk Management, Outsourcing and Offshoring Policy and Standards.

Examples of some of these responsibilities include:

  • Ensuring that security is considered right from the start of a supplier engagement.
  • Completing all applicable risk assessments (e.g. Privacy Impact Assessment, Supplier Security Assessment, Technology Risk Assessment, etc).
  • Maintaining situational awareness and being alert to data breaches or changes impacting his suppliers, and notifying DPG and his Line 1 Risk team of these as appropriate.
  • Enforcing conditions as per commercial contracts.
  • Calling-out and raising issues of non-compliance.