Add third-party and monitoring objectives
On a Third Party framework, the Controls step offers two ready-made objectives: Third-Party Management for fourth-party exposure, and Continuous Monitoring to collect monitorable assets.
Try it in CybervergentOverview
Use the ready-made objectives for fourth-party exposure and continuous monitoring.
Step-by-step
- 1 On the Type step, set the 'Framework type' to 'Third Party'.
- 2 Go to the Controls step. Two prompt cards appear above your objectives.
- 3 On the 'Capture fourth-party exposure' card, click 'Add objective' to insert the Third-Party Management objective (Third-Party Inventory, Oversight and Due Diligence, Monitoring and Notification).
- 4 On the 'Enable continuous monitoring' card, click 'Add objective' to insert the Continuous Monitoring objective, which collects monitorable assets (URLs, applications, IP addresses) as a table control.
- 5 Edit the inserted controls if needed, then continue to the Monitors step and submit.
Related articles
Frameworks & Standards Build a custom framework Create a framework end to end: type, response options, artefacts, categories, controls, and monitors. Frameworks & Standards Configure objectives and controls Set up objectives, sub-objectives, controls, and each control's assessment, risk, and guidance. Compliance Posture Read and manage your compliance posture Find your compliance posture score, understand what drives it, and use automation and monitoring to keep it live. Compliance Initiatives Create a compliance initiative Launch a compliance program against a framework, with dates, mapping, owners, and governance.