CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

Is Your Risk Management Program Ready for the New European Banking Authority’s Guidelines?

In June 2018, the European Banking Authority (EBA) put forth guidelines on outsourcing arrangements that highlighted the importance of risk management within financial organisations. The notice of these guidelines was announced in June 2018 and will be enforced later in 2019. On February 25th of this year, the EBA revised the guidelines to include specific…

LEARN MORE

Incorporate Financial Ratings and Cybersecurity Scores for a More Comprehensive View into Vendor Risk

RapidRatings, Security Scorecard and BitSight Expand Our Intelligent Risk and Compliance Ecosystem As a standalone solution, ProcessUnity’s cloud-based Vendor Risk Management software delivers significant value by helping organisations streamline onboarding, due diligence and assessment processes and effectively understand the state of third-party risk.  Better yet, the platform can incorporate specialised intelligence and risk ratings –…

LEARN MORE

TPRM Program Development – Pt 4 “Treating Third Parties as Trusted & Valued Partners”

Part 4: “Treating Third Parties as Trusted & Valued Partners” This TPRM blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Part 3 “Strengthening Your Strategy”

Part 3: “Strengthening Your Strategy” This series has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center stage and risk managers can effectively respond as that problem morphs over time. This is the…

LEARN MORE

TPRM Program Development – Part 2 – “Knowing Your Ground”

Part 2: – “Knowing Your Ground” This Third Party risk and compliance blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center…

LEARN MORE

Third Party Risk Management (TPRM) Program Development – Part 1 “Doing it Right”

This TPRM blog series, compiled by experienced CSO, Bob Maley of NormShield Cybersecurity, has been designed to help CISOs and other risk management practitioners examine their programs from a unique perspective – one in which the objective problem your organisation is trying to solve takes center stage and risk managers can effectively respond as that problem…

LEARN MORE

Happy One Year GDPR Enforcement Day

It’s hard to believe it’s been one year since the GDPR enforcement took effect (May 25, 2018). For many, the honeymoon (or “honeydo”) hasn’t quite worn off yet, as organisations are  still trying to ensure they meet some level of conformity to the most encompassing privacy regulation to date. There are also those who will…

LEARN MORE

Verizon Data Breach Investigations Report 2019: What Are the Third-Party Risk Implications?

Prevalent Inc. Intelligence Analyst, Shawn Stefanick, provides analysis on Verizon’s Data Breach Investigations Report (DBIR) through the lens of how top third-party vulnerabilities are perpetuating breaches, and what preventative measures can be put in place. The Verizon DBIR 2019 was released on May 8th, and with it comes the annual treasure trove of lessons, use…

LEARN MORE

CEFPRO Risk Insights: Third Party Risk and the Cloud – Interview with Sean O’Brien, MD

Ahead of DVV Solutions sponsorship of the 4th Annual CEFPRO Vendor & Third Party Europe on 18th & 19th June, Sean O’Brien – Managing Director, DVV Solutions – spoke with Risk Insights magazine for a quick-fire interview on what to expect from our panel discussion on “Ensuring effective controls for cloud providers to understand where…

LEARN MORE

3rd Annual Third Party IoT Risk Study: Companies Don’t Know What They Don’t Know

Cyberattacks, data breaches and overall business disruption that can be caused by unsecured IoT devices in the workplace and used by third parties are increasing because companies don’t know the depth and breadth of the risk exposures they face when leveraging IoT devices and other emerging technologies. In response, Shared Assessments and the Ponemon Institute…

LEARN MORE