Date of Publication
4-7-2023
Document Type
Master's Thesis
Degree Name
Master in Information Security
Subject Categories
Information Security
College
College of Computer Studies
Department/Unit
Computer Technology
Thesis Advisor
Gregory Cu
Defense Panel Chair
Katrina Ysabel Solomon
Defense Panel Member
John Francis Faustorilla
Gregory Cu
Abstract/Summary
Organizations' use of applications and programs developed by third-party suppliers is on the rise. The combination of a low-cost solution with speed of implementation entices organizations to ditch the old model of hiring an entire team of individuals to internally develop applications that fill their business needs. In trying to keep up with the digitization of competitors, organizations often overlook the cybersecurity risks a third-party supplier can potentially introduce to existing information systems.
There is a gap: no standard process serves as a security checkpoint for all third-party developed programs and applications before they are onboarded to the organization's internal systems. For the target organization in this project, third-party applications sometimes do not go through the proper information security checks and are implemented into the production environment without clearance from the information security team.
This initiative aims to fill this gap with a standard process to properly assess the vendor's information security capabilities, guide them in the proper security configuration of the application in compliance with the organization's minimum security standards, and rate the vendor with a granular security matrix so that future engagements with a vendor can be properly assessed in the context of cybersecurity.
Abstract Format
html
Language
English
Format
Electronic
Physical Description
[42] leaves
Keywords
Information technology; Computer security; Information storage and retrieval systems—Security systems
Recommended Citation
Trinidad, J. O. (2023). Third-party security risk assessment and rating. Retrieved from https://animorepository.dlsu.edu.ph/etdm_comtech/19
2023_Trinidad_General-checklist.pdf (469 kB)
2023_Trinidad_student-research-ethics-clearance-form.pdf (408 kB)
2023_Trinidad_PreliminaryPages.pdf (511 kB)
2023_Trinidad_Chapter1.pdf (197 kB)
2023_Trinidad_Chapter2.pdf (453 kB)
2023_Trinidad_Chapter3.pdf (189 kB)
2023_Trinidad_Chapter4.pdf (754 kB)
2023_Trinidad_Chapter5.pdf (186 kB)
2023_Trinidad_Bbiliography.pdf (200 kB)
2023_Trinidad_Appendices.pdf (1040 kB)
2023_Trinidad_PISC.xlsx (18 kB)
2023_Trinidad_VRRQ.xlsx (32 kB)
2023_Trinidad_VRRC.xlsx (12 kB)
2023_Trinidad_img_1.jpg (32 kB)
2023_Trinidad_img_2.jpg (31 kB)
2023_Trinidad_img_3.jpg (138 kB)
2023_Trinidad_img_4.jpg (58 kB)
2023_Trinidad_img_5.jpg (62 kB)
2023_Trinidad_img_6.jpg (45 kB)
2023_Trinidad_img_7.jpg (256 kB)
2023_Trinidad_img_8.jpg (77 kB)
2023_Trinidad_SubmissionConsentForm.pdf (688 kB)
Embargo Period
4-7-2024