When enterprises select a SaaS provider for mission-critical applications, they are placing a bet on that product and vendor. Smart customers understand that they must minimize risks to their security and their business. Not surprisingly, many CISOs and security organizations today require that every SaaS application goes through a thorough security vetting process where the SaaS provider will explain how the product mitigates risks and enhances security.
Additionally, CFOs and their audit teams must analyze and judge the business risk posed by any SaaS product inserted into their enterprise workflows. These teams are not only trying to identify the obvious risks, like business continuity and risk to customers but also other orthogonal risks, such as impacts on operational excellence that might result from improper project versioning or feature roadmaps.
Read the original article: