Before engaging the services of a managed services provider, security audit company, or cybersecurity solutions vendor you need collect some basic information about the systems and services you use and provide. Assessing your business processes, internal and external assets, and your current services is critical for knowing what services you need and asking the right questions of a potential service provider.
For more information on asset inventory and technology assessments review the VLCT Cybersecurity webpages. Once you have an idea of what your actual needs are, then you can find a provider to meet them. Be sure to consider who on your staff has the expertise to coordinate with the vendor, will you require staff or hire a consultant to support the implementation?
VLCT has compiled a list of helpful questions to ask potential information technology and security vendors for download below (this list is not exhaustive).