CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

What is Fourth Party Risk and How to Manage it

As we’ve seen in recent events such as the SolarWinds hack, third-party risk poses a serious threat to business continuity. What the incident also demonstrated is that fourth-party risk, or the risk posed by a contracted vendor’s third parties, can equally threaten data security and operations. Your organisation may have integrated a robust third-party risk management program (TPRM) – but what if keeping an eye on your third parties…

LEARN MORE

Kaseya – The early indicators of trouble

From reports of numerous former employees, Kaseya leaders knew of and failed to address cybersecurity concerns going back to 2017 (Kaseya Failed to Address Security Before the Hack). Unfortunately, as a result, 1500 managed service providers and possibly more, experienced significant disruptions due to the ransomware attack. For those 1500+ companies, the million-dollar, or in…

LEARN MORE

A Deep Dive into the Digital Operational Resilience Act (DORA)

The European Union (EU) will soon launch a new regulation that will require banks and firms in the global financial industry to mature their third-party risk management programs to include set cybersecurity requirements – which will also apply to the critical Information and Communication Technology (ICT) service providers they are working with.  The timeframe for…

LEARN MORE

Strategies for Building Resilience

Resilience is a watchword for every risk management team and every governing board. Resilience represents the ability of entities to avoid, prevent, adapt, respond to, recover from, and learn from operational disruptions.[i] While ensuring business continuity is a key aspect of business resilience, resilience and continuity are related but are not the same.[ii] Understanding your own organisation’s…

LEARN MORE

New Supply Chain Cybersecurity Report – Ransomware Risk: Automotive Manufacturing in 2021

Today, change in the automotive industry is driven by technology. Automakers and parts manufacturers have shifted their engineering focus to connectivity, becoming more strategic with key technology investments. However, automotive companies still fall behind other industries in terms of digital maturity and are struggling to move forward with a digital transformation plan. In a recent…

LEARN MORE

A Bright Future for Third-Party Risk Standards and Best Practice

As some of you may know, I have been championing the cause of standards in third-party risk management in the UK for a number of years now. When DVV Solutions originally looked at what standards we should build out our service offering and risk advisory from, there was only one organisation that stood out, and…

LEARN MORE

ESG in TPRM: Third Party Risk Management Goes Green

There’s no “e” in third party risk management (TPRM), but that’s quickly changing thanks to new environmental regulations, rapidly growing clean-energy investments, changing societal norms and other factors that show no sign of waning. TPRM practitioners should take note, as this trend will likely have profound impacts on most aspects of their work. These changes…

LEARN MORE

Building the Business Case for a TPRM Tool – Free Expert Guide

Get Practical Guidance and Formulate a Winning Business Case Building a business case to purchase a vendor risk assessment tool is a big deal. You’re trying to alleviate pain within the organisation…most likely pain that you’re experiencing every day. On the other hand, your executives need to understand how the costs involved will ultimately benefit…

LEARN MORE

3 Years of GDPR – 661 fines, €292m in penalties

In just 3 years since GDPR became enforceable over 660 fines and over €290m in penalties have been issued. Whilst British Airways (€22m) and Marriott International (€20m) have naturally grabbed the front pages with high profile breaches and fines the fact remains that for each and every organisation any breach of Personally Identifiable Information (PII)…

LEARN MORE

Your Reputation Is Your Wealth – ESG in the Supply Chain

Imagine cracking open a fortune cookie and finding this sage advice on the paper slip: “Your reputation is your wealth.” A recent Shared Assessments’ Operational/Industrial Technology Risk Management Working Group meeting cracked open this cookie as they examined reputation and explored risk management’s role in preserving it. Reputation is tied to the supply chain. The entire network…

LEARN MORE