Ask HN: Information Security document for an enterprise contract
We're in the process negotiating a contract with an enterprise client for a SaaS solution they are looking to implement into their existing technology.
They asked for a document outlining information security. Is there a specific format for completing one of those? Has anyone done one before? See if they have a standard questionnaire. If not, propose the BITS AUP SIG (Google it) or the Vendor Security Alliance questionnaire (again, Google it). — VendorTrust.IO