Once you understand how a particular vendor’s risks might impact your business, you have to make a choice:
Remediation consists of a management program in which you present your vendor with a list of findings or deficiencies then work together to develop a plan to address those shortcomings with a schedule for completion. Ideally, you and the vendor will work together to determine when and how you will put the controls in place.
A key aspect of any vendor relationship, remediation acts as a two-way street that allows you and your vendor to learn about each other’s business practices and to gauge how much each is willing to invest in a mutually beneficial partnership.