n light of the recent headlines regarding “data insecurity,” and various legal and regulatory requirements across multiple sectors of the economy, this article will outline vendor due diligence measures that counsel should evaluate in conjunction with their information technology department (IT) and internal audit department (IA).