WE'VE GOT IT FROM HERE

Supplier Management Policy

GENERAL SUMMARY

The purpose of this policy is to establish procedures and controls for Altair Global (Altair) when using Third Party Service Providers (Suppliers). It also includes our procedures for completing assessments of our Supplier’s capabilities, performance, system(s) security, controls, minimum goals, and outlines our contractual requirements.

The use of Suppliers is an essential element in Altair’s service delivery model and creates the need for management oversight and continuous monitoring of their capabilities and performance.

All key Suppliers are vetted to ensure compliance with Altair’s security standards and have the capabilities to follow our policies, procedures and practices.

  1. Scope

This policy applies to all of the system resources owned, operated, maintained, and controlled by Altair.  Below are definitions for the main groups involved;

  1. Purpose

Compliance with this policy ensures the safety and the security for Altair’s system resources when dealing with third-parties.

  1. Elements of Risk

The use of Suppliers increases risk to our service delivery system(s).  Therefore, each Supplier is assessed for honesty, integrity, compliance with laws, and Altair’s Supplier Management policies and procedures.  Below are the areas and some examples.  Other red flags may appear:

Verify that the Supplier is utilizing secure and stable hardware/software.

  1. Due Diligence – Current and Prospective Suppliers

Shown are the specific items to consider when evaluating Suppliers – note that other items are possible:

Storing.

  1. Contractual Documentation

To ensure Altair’s protection, the formal contract is written by Altair and covers the below shown points.

  1. Management Oversight and Continuous Monitoring

Once the contracts are signed and the third-party work relationships are functioning, Altair Global performs these tasks to ensure strong working relationships.

Ensure competitive price bids by announcing requests for proposals (RFPs).

  1. Additional Supporting Information and Documentation
    • Altair Global Cybersecurity Supplier Assessment.
    • Altair Global Procurement Policy.
    • Altair Global Schedule of Authorizations.

Altair Global Cybersecurity Assessment Policy and Guidelines.

Document Owner and Approval

The President and Chief Operating Officer is the owner of this document and is responsible for ensuring that this procedure is reviewed in line with the review requirements of all company policies.

A current version of this document is available to all members of staff on the corporate intranet.

This policy was approved by the Executive Leadership Team on 12/07/2017 and is issued on a version controlled basis under his/her signature.