REQUEST A DEMO

Blog

Study Finds Two Thirds Of Companies Conduct Risk Assessments On Less Than Half Of Vendors

Companies are cutting corners when it comes to third-party due diligence It is no secret that inherent risk assessments are crucial to third-party risk management success, but are they being conducted? During a recent IT GRC webinar, “Automating Your Third-Party Risk Management Program”, attendees were asked how many of their vendors have been given an…

LEARN MORE

Poll: Over Half Of Risk Managers Say Their Vendor Risk Management Program Is Underperforming

Third Party Risk Programs Make A Good Start… But Have A Long Way To Go A recent poll of over 500 risk management professionals hosted by DVV Solutions technology partner ProcessUnity and other leading IT GRC and Vendor Risk Management (VRM) experts suggests that while many organisations are on the right path to a successful…

LEARN MORE

An Attack on 3rd-Party Advertising Company Increased Cyber Risk of European E-Commerce Sites

You’re only as strong as your weakest link A malicious code injected to a third-party Javascript of an advertising agency targets credit card information of online shoppers at European-based e-commerce sites. Many websites leverage Javascripts to track their visitors, collect analytics, etc. so, use of a Javascript library of an advertising agency is not uncommon. External…

LEARN MORE

Good Responses to Bad Contracts – A Shared Assessments Blog

Most third party risk managers eventually deal with bad vendor contracts. In most cases, these contracts – which lack important provisions or no longer conform to regulatory requirements or organisational guidelines – pose significant risks to the organisation. Many of these risks can be mitigated, doing so requires a well-defined process, a robust third party…

LEARN MORE

Is Your Risk Management Program Ready for the New European Banking Authority’s Guidelines?

In June 2018, the European Banking Authority (EBA) put forth guidelines on outsourcing arrangements that highlighted the importance of risk management within financial organisations. The notice of these guidelines was announced in June 2018 and will be enforced later in 2019. On February 25th of this year, the EBA revised the guidelines to include specific…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Pt 4 “Treating 3rd Parties as Trusted & Valued Partners”

Part 4: “Treating Third Parties as Trusted & Valued Partners” This TPRM blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Part 3 “Strengthening Your Strategy”

Part 3: “Strengthening Your Strategy” This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center stage and risk managers can effectively respond as that problem morphs over time. This is the…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Part 2 “Knowing Your Ground”

Part 2: – “Knowing Your Ground” This TPRM blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center stage and risk managers…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Part 1 “Doing it Right”

This TPRM blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center stage and risk managers can effectively respond as that problem…

LEARN MORE

Happy One Year GDPR Enforcement Day

It’s hard to believe it’s been one year since the GDPR enforcement took effect (May 25, 2018). For many, the honeymoon (or “honeydo”) hasn’t quite worn off yet, as organisations are  still trying to ensure they meet some level of conformity to the most encompassing privacy regulation to date. There are also those who will…

LEARN MORE