SIG Core
Summary
The Standardized Information Gathering (Questionnaire) (SIG) is a repository of third-party information security and privacy questions, indexed to multiple regulations and control frameworks, curated by Shared Assessments. The SIG gathers pertinent information to determine how security risks are managed across a spectrum of 18 risk control areas, or domains, within a service provider's environment. It was developed to enable a service provider to compile complete information about these risk domains in one document. As a core questionnaire, its objective is to provide a risk assessment for businesses in all industries. The version used in this section is SIG 2019.
Definitions
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.