The Legal Party Assessment Template is designed to be completed when a new Legal Party is being on-boarded (internal or external). The assessment can be completed before a contract is signed with a legal party to ensure security and privacy risks are reviewed and addressed at this stage. The Legal Party status can be set as Planned. Optional Controls/Evidence can be added for the Assets and Third Party at this stage if required.
The assessment is designed to be completed internally by the Information Security or Data Protection departments; however, if required, it can be targeted to the relevant department procuring the software, or to external Legal Parties for completion.
Once the assessment has been completed, new Legal Entity will populate into the relevant registers, and the records will be linked together. The Program/Assessment Reviewer will also receive a notification to review and approve the assessment.
Note: This base template is available for use 'out of the box'; however, you do have an option of customising the assessment questioning, updating guidance, along with adding any extra questions to ensure all of your organisational requirements are met.
Please see an overview below of the Legal Party register that are used in this assessment.