CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

The 7 Essential Disciplines of Third-Party Risk-Management Programs – Supply Wisdom Blog

In an era when corporations commonly have hundreds and sometimes hundreds of thousands of third-party suppliers, managing the risk these third parties represent is no small task yet has become essential for corporate success.   Obviously in these circumstances, your third-party risk-management (TPRM) program becomes critical to ensure operational continuity and possibly even financial survival….

LEARN MORE

Gartner Names ProcessUnity a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools

The title says it all – Gartner has again recognised DVV Solutions’ technology partner ProcessUnity as a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools.   This week, Gartner published both the 2020 Magic Quadrant [1] and Critical Capabilities [2] for IT Vendor Risk Management Tools. We are extremely excited to report…

LEARN MORE

Latest TPRM White Paper – Third-Party Risk in Standards & Regulations by NormShield

In today’s ever-changing environment, businesses rely on third-parties to help drive their core-activities. This dependence makes third parties, sometimes referred to as “suppliers” or “vendors”, an organic part of business processes. Recent breaches affecting Amca, CenturyLink, Capital One, Facebook, and Twitter all originated from a third-party website or platform supplier. These breaches cause thousands, and…

LEARN MORE

Guest Blog – Cutting Corners: Most Companies Conduct Inherent Risk Assessments on Less Than 40% of Their Vendors

More than two-thirds of companies are cutting corners when it comes to understanding inherent risk within their third-party due diligence It is no secret that inherent risk assessments are crucial to third-party risk management success, but are they being conducted? During a recent IT GRC webinar, Automating Your Third-Party Risk Management Program, attendees were asked…

LEARN MORE

New NormShield Strategy Report provides Simple Guide to Fix your Cyber Rating

As the only strategy report in the cyber space providing guidance from a technical, financial, and compliance perspective the NormShield Strategy Report provides a clear and concise guide to reduce cyber risk mitigation and remediation into one single report of actionable steps.   We all know effective risk management starts with an effective risk model….

LEARN MORE

NormShield Ticketing System Simplifies Third Party Cyber Risk Remediation

As the only in-house cyber risk ticketing platform, NormShield Ticketing automates workflow to remediate continuous cyber risk monitoring issues. Here is why ticketing is effective in third-party risk management (TPRM) and how NormShield’s new system can help.   Businesses strive to be more organised, focused and efficient. This productivity has a direct impact on costs,…

LEARN MORE

Why the Shared Assessments SCA is the “Swiss-Army Knife” in Your Third Party Risk Assessment Toolbox

Everyone is familiar with the utility of the famous Swiss army knife; a penknife housing several blades and other tools such as files, scissors, and screwdrivers. The Shared Assessments’ Standardised Controls Assessment (previously known as the Shared Assessments’ Agreed Upon Procedure – or “AUP”) is acquiring a similar reputation in assurance circles as it’s been reported to…

LEARN MORE

Vendor Contract Do’s and Don’ts – BitSight Guest Blog

According to an Opus and Ponemon Institute study, 59% of companies have experienced a data breach caused by one of their vendors or Third Parties — while only 16% claim they effectively mitigate Third-Party risks.   Don’t be a part of these alarming statistics: In order to protect your organisation’s valuable information, it’s critical that you set…

LEARN MORE

GDPR’s 2nd Birthday – Are You Late To The Third Party?

As we see an ever-increasing stream of high-profile data breaches and regulatory fines Sean O’Brien, Director DVV Solutions, takes a look at one of the most common weak links in law firms’ data security and GDPR compliance programs – the risks posed by third parties and suppliers. The EU General Data Protection Regulation (GDPR) and…

LEARN MORE

Report Shows Cyber Attacks on Cloud Services Have Doubled

As cloud services increase in popularity, a worrying cybersecurity trend has emerged. According to the 2020 Trustwave Global Security Report, the volume of attacks on cloud services more than doubled in 2019 and accounted for 20% of investigated incidents. Although corporate and internal networks remain the most targeted domains, representing 54% of incidents, cloud environments are…

LEARN MORE