2020 H-ISAC Third-Party Risk Solution Survey

Demographic Information

Thank you for your assistance. The H-ISAC Member Survey will be used to help us to better understand our members and their unique environments.

Question Title

* 1. Member Organization
Please indicate the name of the member organization for which you work.
If the response to this question is not a valid member organization, the survey responses will not be used.

Question Title

* 2. What membership tier is your company?

Tier 1: < $100MM in Revenue

Tier 2: $100MM < Revenue < $1B

Tier 3: $1B < Revenue < $5B

Tier 4: $5B < Revenue < $10B

Tier 5: $10B < Revenue < $15B

Tier 6: $15B < Revenue < $20B

Tier 7: Revenue > $20B

Tier 8: Academia

Other (please specify)

Question Title

* 3. Type of Organization
Please select the type of your organization.

Healthcare provider

Payer

Pharmaceuticals

Medical device/diagnosis

Biotechnology

Healthcare IT

Other (please specify)

Question Title

* 4. Do you have a third-party risk management plan?

Yes

In the planning process

I don't know, it is not my responsibility

Question Title

* 5. How many organizations fall under your third-party risk program?

less than 1,000

1,000 - 9,999

10,000 - 49,999

50,000 - 99,999

100,000+

Question Title

* 6. Do you use a third-party risk scoring solution? (select all that apply)

Risk Recon

Security Scorecard

BitSight

Other (please specify)

Question Title

* 7. Approximately what percentage of your third-parties do you track risk scores?

less than 15%

15-24%

25-49%

50 - 74%

75% or more

Question Title

* 8. How do you manage third-party risk questionnaires?

We do not use questionnaires

Manually with spreadsheets

We outsource the entire process

We use the H-ISAC Prevalent solution

We use Prevalent, but not through H-ISAC

We use another vendor (please specify)

Question Title

* 9. Approximately how many of your vendors are required to complete questionnaires? (total, not annually)

less than 100

100 - 499

500 - 999

1,000 - 4,999

5,000+

N/A

Question Title

* 10. Do you use the H-ISAC questionnaire? Why or why not?

Question Title

* 11. What other third-party risk services or solutions do you use?

Question Title

* 12. What other third-party risk services or solutions should H-ISAC consider offering?

Question Title

* 13. Name (Optional)
If you would like the H-ISAC to be able to follow up with you if there are questions about your responses, please provide your name and email address.

Name

Email Address

2020 H-ISAC Third-Party Risk Solution Survey

Demographic Information

Question Title

* 1. Member OrganizationPlease indicate the name of the member organization for which you work.If the response to this question is not a valid member organization, the survey responses will not be used.

Question Title

* 2. What membership tier is your company?

Question Title

* 3. Type of OrganizationPlease select the type of your organization.

Question Title

* 4. Do you have a third-party risk management plan?

Question Title

* 5. How many organizations fall under your third-party risk program?

Question Title

* 6. Do you use a third-party risk scoring solution? (select all that apply)

Question Title

* 7. Approximately what percentage of your third-parties do you track risk scores?

Question Title

* 8. How do you manage third-party risk questionnaires?

Question Title

* 9. Approximately how many of your vendors are required to complete questionnaires? (total, not annually)

Question Title

* 10. Do you use the H-ISAC questionnaire? Why or why not?

Question Title

* 11. What other third-party risk services or solutions do you use?

Question Title

* 12. What other third-party risk services or solutions should H-ISAC consider offering?

Question Title

* 13. Name (Optional)If you would like the H-ISAC to be able to follow up with you if there are questions about your responses, please provide your name and email address.

* 1. Member Organization
Please indicate the name of the member organization for which you work.
If the response to this question is not a valid member organization, the survey responses will not be used.

* 3. Type of Organization
Please select the type of your organization.

* 13. Name (Optional)
If you would like the H-ISAC to be able to follow up with you if there are questions about your responses, please provide your name and email address.