Managed Security Service Providers (MSSP) Policy - $100.00


The purpose of this Managed Security Service Providers (MSSP) Policy is to address measures implemented by a financial institution that partially or completely outsource the security management function to third parties (Managed Security Service Providers "MSSPs").

Table of Contents

Purpose and Contents - Topic 1
Policy Statement - Topic 2
Types of Managed Security Services - Topic 3
Types of Service Arrangements - Topic 4
The Risk Assessment and Management Process - Topic 5
Request for Information and Request for Proposal - Topic 6
Initial Due Diligence - Topic 7
Contracts - Topic 8
Ongoing Oversight and Monitoring - Topic 9
Contingency and Event Planning - Topic 10
Cloud Computing - Topic 11
Audit Policy - Topic 12
Staff Training - Topic 13
Retention of Documentation - Topic 14

Recent updates to this product:
07/05/17 Update
Use of SSAE 18 Reports

NOTE:  This product is intended to be a supplement to a financial institution's vendor management policy. For a complete solution, please refer to our Vendor Management Program Policy which contains the full text of this template in addition to other related regulatory guidance.

This policy template (approximately 16 pages) is available to purchase from in Microsoft® Word format for $100.00.

Mix and Match Volume Pricing

Would you like to mix and match multiple policies, procedures or job descriptions and receive a special volume discount? Click here to see how much you can save.

Sample Request

Click here if you are a new financial institution client and are interested in receiving a sample version of this product by e-mail attachment.

Need help choosing the right bank policy products?

If you need help choosing the right documents for your financial institution or just need expert advice, is ready to help you.