Vendor Management Policy
International Syndication Company LLC Last Updated: 1st September 2023 Effective Date: 1st September 2023 Review Cycle: Annually Responsibility for Policy: Data Protection Officer (Mr. Chris York)
Table of Contents
Introduction
Scope
Objective
Vendor Classification
Vendor Selection Criteria
Data Security Requirements
Monitoring and Auditing
Termination and Exit Strategy
Compliance and Enforcement
Amendments and Revisions
1. Introduction
This Vendor Management Policy outlines the processes and procedures that International Syndication Company LLC. employs to manage relationships with third-party vendors. This policy aims to ensure that vendors meet our security, legal, and operational standards.
2. Scope
This policy applies to all employees, departments, and units within International Syndication Company LLC. who interact with third-party vendors, including contractors and consultants.
3. Objective
To establish guidelines for selecting, monitoring, and assessing vendors in a manner that aligns with the company’s business objectives and risk management strategies.
4. Vendor Classification
Vendors are classified into the following categories based on the nature and scope of their services:
Critical Vendors: Handle sensitive data, intellectual property, or other key business elements.
Non-Critical Vendors: Provide services that do not directly impact the company’s core operations.
5. Vendor Selection Criteria
Vendor selection will be based on:
Compliance with data protection laws
Financial stability
Reputation
Quality of service
6. Data Security Requirements
All vendors must adhere to our data security requirements, which include:
Compliance with GDPR, CCPA, and other relevant laws
Secure data transmission protocols
Secure storage solutions
7. Monitoring and Auditing
Vendors will be subjected to:
Annual audits
Monthly performance reviews
8. Termination and Exit Strategy
Either party may terminate the agreement based on breach of contract or performance issues. A clear exit strategy must be outlined in the initial agreement.
9. Compliance and Enforcement
Violations of this policy may lead to:
Penalties
Termination of the vendor contract
10. Amendments and Revisions
International Syndication Company LLC. reserves the right to modify this policy at any time. Vendors will be notified of any changes.
This document is subject to ongoing review and approval by the Data Protection Officer, Mr. Chris York, and senior management.
Approved by:
Mr. Chris York Data Protection Officer
Date: 9th September 2023
Last updated