A knowledge base article about What is the Vendor Security Assessment Program? provided by the UC Berkeley IT Service Hub - Knowledge Portal
The Vendor Security Assessment Program (VSAP) is an evaluation service for third-party service providers handling UC P3 and P4 data on behalf of the university. Campus policy requires that these service providers must comply with the requirements of the UC Berkeley Minimum Security Standard for Electronic Information (MSSEI).
VSAP is intended to ensure that campus third-party service providers adhere to the same baseline level of security practices required for campus systems and applications that contain protected information and are managed and maintained by internal campus resources.
Unit Heads and application Resource Proprietors benefit from the VSAP by assuring that the applications and services that they outsource to third-party service providers meet the campus minimum standard for the protection of sensitive data.
To this page to learn more about the Vendor Security Assessment Program.