Menu Close

Case Study

Third-party Assurance Assessments for US-based Consumer Credit Reporting Agency

The client

A US-based Consumer Credit Reporting Agency providing credit reporting services to individuals and businesses worldwide

The work

Performing on-site third-party assurance assessments, completing bespoke evaluation questionnaires and documenting the third-party environment. Once assessed, summary reports were created for each third-party site including overview, observations/findings and recommendations for improvement, before being delivered to the client.

How we helped

We undertook a full review of the services provided to the client, the supplier’s business environment, ownership, number of staff, and any regulatory or legal requirements the business was subject to.

This was followed by a review of all information security policies, documentation and records. The review assessed the content, suitability and evidence that the third party’s policies and procedures were being adhered to by staff, suppliers and other stakeholders. Where necessary, this also included visual inspections of physical security.

Using the clients’ proprietary methodology, any identified gaps in policies or operational procedures were scored, including recommendations for any required improvements. Our findings were then presented in the client’s own report template, including a validated data flow diagram and further commercial context on the third-party assessment.

Value added

By preparing an objective report on the third party’s control environment, which identified weaknesses and risks, the client was better able to focus their risk treatment resources.

Customer reviews

What our clients say

Get in touch

If you would like to talk about your risk management requirements, submit your details and one of our consultants will be in touch.