Vendor Risk Assessments

As part of the Technology Acquisition Review Process (TARP), the IT Security Office (ITSO) conducts a Vendor Risk Assessment (VRA) to ensure that the vendor has sufficient technological, administrative, and physical safeguards in place to maintain the confidentiality, security, and integrity of the University data. Additionally, the VRA ensures that the vendors abide by CSU and SDSU policies.

More information can be found at the main SDSU TARP website.