RM-7.1.8

Entire section

Custom print

Link

Text Only

Rich Text

Versions

Jul 01 2007 - Jun 30 2008
Jul 01 2008 - Jun 30 2010
Jul 01 2010 - Jun 30 2022
Jul 01 2022

For the purpose of Subparagraph RM-7.1.7 (iv), licensees as part of their assessments may use the following:

a) Independent third-party certifications on the outsourcing service provider’s security and other controls;

b) Third-party or internal audit reports of the outsourcing service provider; and

c) Pooled audits organized by the outsourcing service provider, jointly with its other clients.

When conducting on-site examinations, licensees should ensure that the data of the outsourcing service provider’s other clients is not negatively impacted, including impact on service levels, availability of data and confidentiality.

Amended: July 2022
Amended: July 2010
Amended: July 2008
Adopted: July 2007

Location:

RM-7.1.8