Contractual evaluation

A supplier relationship and stands with the contractual agreements made.

  • Being able to make an assessment from the supplier in advance.
  • Make good agreements with the supplier (including subcontracting).
  • On a continuous basis to evaluate the goods and services supplied on quality compared to the contractual agreements made.

The contractual agreements have several facets:

Organizational context 

  • What is the relationship between the supplier and the customer?
  • Is the supplier a processor, processing manager ...?
  • Are the contractual expectations clear to both parties?

CODEX.EU helps you structured and standardized, but still fully based on your organization with this challenge.

Creating the processing agreements that make you clear the supplier:

  • Informing what your operational context is.
  • Informing what your operational context is.
  • Instructs under how the services or goods must be supplied.

Do you receive a processing agreement of your supplier?

Here we offer an assessment of the contract.

The contractual agreements have several facets:

Organizational context

  • Herein it will be very clear that the supplier will offer you e-mail services with certain limited promises regarding the quality of the e-mail service.
  • Herein it will be very clear that the supplier will offer you e-mail services with certain limited promises regarding the quality of the e-mail service.

If you agree with this document, this does not mean that you have properly executed your task as processing manager.

  • Have you informed the processor which personal data and the goals will be processed by the e-mail service in this regard?
  • Does the processor know what the expected retention period is?
  • Does the processor know how to report an incident, and what information needs to be delivered?

No need, CO-dex.eu helps you. If Annex with the processing agreement offered, add the CODEX.EU Addenda based on the processing register.

Technological context

CODEX.EU offers you technological assessment for this with clear roles and responsibilities.

These assessments are performed automatically or manually.

The roles and responsibilities are determined very clearly.

The person responsible for maintaining and delivering the services is informed if things are not ok or other points of improvement.

The liable within the company is informed if cases are not in accordance with this for a certain time (in development).

These assessments are based on the following standards:

  • ISO27001"}" data-sheets-formula="=CONCATENATE("",R[0]C[-2],"")">{mlang}ISO27000
  • NIST-800 Cyber ​​Security Framework
  • Hardening guides suppliers
  • Industry good practices
  • Industry Best Practices
  • Our many years of experience
  • The current threats where you can protect yourself

Examples of this are:

  • Website Assessment
  • E-mail Assessment
  • Workstation Assessment
  • Server Assessment
  • DNS Assessment
  • Firewall Assessment
  • ...

Online services from suppliers based on the providers their industry standards such as:

  • Microsoft
  • Amazon
  • Google
  • ...
Last modified: Monday, 23 August 2021, 10:28 AM