Managing Third Parties

Organization should consider a comprehensive Outsourcing Risk Management Program to thoroughly govern and mitigate risk.

Covert Threats experts are readily available to assist your organization with its Vendor Management needs.

Our Vendor Management Program

Risk assessment and requirements definition

All risks associated with the functions outsourced, physical location of the vendor, assessment of technology used by vendor.


Requirements are defined in a formal agreement known as a Request for Proposal (RFP) to ensure due diligence is enacted for each step.

Contract Review

Contracts are reviewed for adequate and measurable service level agreements and appropriate clauses (confidentiality, right to audit, etc)


Relations among vendors are monitored through essential service level agreement metrics and internal processes created for review.

Cloud Relationships

Types of payment, service, and deployment architecture which is selected and the inherent risks associated with the architecture. The proper controls in place are used to mitigate the risks associated with the architectural model.

Covert Threat provides an Outsourced Vendor Management Program Development/Assessment (FI) to develop and/or assess a Program that is usually part of the overall Vendor Management Program aligned with the FFIEC Handbook. Our Outsourced Vendor Management Requirements (TSP) provide consultation to third-party service providers in meeting FFIEC requirements.

Professional Services


Vulnerability Assessment & Penetration Testing:
Network, Wireless, Web Application, Mobile, IoT, Social Engineering and more.


Gap Analysis, Risk & External Threat Assessment, Policies & Procedures, Business Continuity & Disaster Recovery planning and Vendor Management.


Is your business secure?


CovertThreat is ready to assist with all your organizational security needs! 


Are you Prepared?


Our team of  industry experts are ready to assess your organizational end-points to discover all possible security flaws.


Lets Us Find your Weak-points!


Once we assess your organization for security flaws, our team provides the a detailed solution to eliminate the potential threat vectors. We work with you!