- /
VENDOR CYBER RISK MANAGEMENT
Mondelēz International leverages information technology and third-party service providers to support our global business processes and activities.
Manufacturing and distribution
Communicating with our suppliers, customers and employees
Maintaining effective accounting processes and financial and disclosure controls
Meeting regulatory, legal and tax requirements
Conducting research and development activities
Executing mergers and acquisitions and other corporate transactions
Executing various digital marketing and consumer promotion activities
Reporting cyber security issues: If you have a cyber security incident to report, please contact your primary contact at Mondelēz International and also send an email to cybersecurity@mdlz.com
Report a Cyber security incident
Vendor Cyber Risk Management
The Mondelēz International Vendor Cyber Risk program supports the planning, automation and management of cyber risk with enrolled suppliers and other third parties. It leverages the Mondelēz International Vendor Cyber Risk portal to store security assessments for existing suppliers and support new suppliers to be assessed, evaluated and classified based on risk profiles.
Mondelēz International’s Security Risk Management organization, with support from business owners and procurement specialists, will be responsible for registering and initiating enrollment in the Vendor Risk Management process.
Mondelēz International has launched a central secure repository for third parties including key vendor contacts and service offerings/engagements. We have the ability to conduct cyber risk assessments using automated questionnaires comprised of tailored content with a refresh frequency for each supplier. The secure repository provides an external facing portal that centralizes all interactions and communications with suppliers. Any cyber security issues and associated remediations are tracked via workflows that enable issue identification, findings review, solution design and remediation plan alignment with suppliers to facilitate closure. This critical functionality allows for unprecedented collaboration with our suppliers in addition to risk reduction for both organizations.
Enrolled suppliers can access the Mondelēz International Vendor Risk Management portal HERE or enter the following URL into your browser: https://mdlz.service-now.com/svdp
-
How do I complete security questionnaires, submit attestation evidence and participate in the program?
Participation in the Mondelēz International Vendor Cyber Risk Management program is by invitation. Please contact your Mondelēz International contract representative to enroll or to request access to the portal.
- I received an email requesting completion of a security question what are next steps?
Login to the secure vendor portal by clicking the link within the email or access the portal directly HERE
- I have forgotten my password to access portal?
Click HERE and select reset password if you have forgotten or need to reset password. Your USER NAME is your email address
The Cyber Security and Operations Expectations Manual (CSE) is included in our contract template used to establish a contractual relationship between Mondelēz International and a supplier. Mondelēz International procures a wide range of goods and services and utilizes the CSE globally, so there are conditional sections as specified within contractual agreements. Additional data privacy requirements may also apply where personal data is processed. We also expect our suppliers and partners to abide by our Cyber Security and Operations Expectations Manual.
SUPPLIER INFORMATION CENTER
Please visit our Supplier Information Center for more information on how to conduct business with Mondelēz International.