What's New for 2025
The 2025 edition of the AITEC-AIMA Illustrative Questionnaire for the Due Diligence of Vendor Technology and Cyber Security includes a number of key updates, including:
- A general refresh and reordering of the answer choices:
- keeping them multiple choice to allow scoring and
- making most of the lists alphabetical order to minimise any impression of preferred answers
- Reorganisation of questions and sections to better differentiate questions about the vendor and any relevant product or service, allowing better focus on:
- customer access and access controls
- customer data security
- product/service vulnerability management
- endpoint security
- Substantial revisions in areas such as:
- security awareness and training
- staff passwords
- staff access controls
- access management
- sub-outsourcing
- New sections focussed on:
- artificial intelligence
- cloud computing
- penetration testing
- vulnerability assessments
- New process points:
- threshold questions to allow users to skip sub-modules that are not relevant
- additional options for presenting certain types of tabular information
- ability to add questions in line with existing questions rather than at the end of a section
- place for vendor to add more information about section topics beyond what is called for by the questions
- option to provide free text overview of the vendor
For questions, contact Jennifer Wood ([email protected]).
-
Jennifer Wood
Managing Director, Global Head of Asset Management Regulation & Sound Practices
2025 Editions
Concordance
Archive