We're in the process negotiating a contract with an enterprise client for a SaaS solution they are looking to implement into their existing technology.<p>They asked for a document outlining information security. Is there a specific format for completing one of those? Has anyone done one before?
See if they have a standard questionnaire. If not, propose the BITS AUP SIG (Google it) or the Vendor Security Alliance questionnaire (again, Google it). — VendorTrust.IO