CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

Due Diligence Checklist in 5 Steps – Guest NormShield Blog

Conducting a due diligence process for vendors or third-parties can be cumbersome in today’s digital environment.  Unfortunately, these entities are the weakest elements of a digital ecosystem. Regardless of a company’s size or sector, business leaders should take on a rigorous vendor due diligence process, with a proactive defense mindset. According to IBM’s Cost of…

LEARN MORE

Shared Assessments Releases 2021 TPRM Toolkit

The Shared Assessments Third Party Risk Management Toolkit was built by member practitioners, for practitioners. Leveraging diverse industry experience and relationship perspective, the toolkit embodies a “Trust, but Verify” approach based on vetted, standardised methodology.   Shared Assessments’ updated 2021 Third Party Risk Management (TPRM) Toolkit is responsive to recent events. A global pandemic, shutdowns…

LEARN MORE

The 7 Essential Disciplines of TPRM Programs – Supply Wisdom Blog

In an era when corporations commonly have hundreds and sometimes hundreds of thousands of third-party suppliers, managing the risk these third parties represent is no small task yet has become essential for corporate success.   Obviously in these circumstances, your third-party risk-management (TPRM) program becomes critical to ensure operational continuity and possibly even financial survival….

LEARN MORE

Gartner Names ProcessUnity a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools

The title says it all – Gartner has again recognised DVV Solutions’ technology partner ProcessUnity as a Leader in the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools.   This week, Gartner published both the 2020 Magic Quadrant [1] and Critical Capabilities [2] for IT Vendor Risk Management Tools. We are extremely excited to report…

LEARN MORE

Latest TPRM White Paper – Third-Party Risk in Standards & Regulations by NormShield

In today’s ever-changing environment, businesses rely on third-parties to help drive their core-activities. This dependence makes third parties, sometimes referred to as “suppliers” or “vendors”, an organic part of business processes. Recent breaches affecting Amca, CenturyLink, Capital One, Facebook, and Twitter all originated from a third-party website or platform supplier. These breaches cause thousands, and…

LEARN MORE

Guest Blog – Cutting Corners: Most Companies Conduct Inherent Risk Assessments on Less Than 40% of Their Vendors

More than two-thirds of companies are cutting corners when it comes to understanding inherent risk within their third-party due diligence It is no secret that inherent risk assessments are crucial to third-party risk management success, but are they being conducted? During a recent IT GRC webinar, Automating Your Third-Party Risk Management Program, attendees were asked…

LEARN MORE

New NormShield Strategy Report provides Simple Guide to Fix your Cyber Rating

As the only strategy report in the cyber space providing guidance from a technical, financial, and compliance perspective the NormShield Strategy Report provides a clear and concise guide to reduce cyber risk mitigation and remediation into one single report of actionable steps.   We all know effective risk management starts with an effective risk model….

LEARN MORE

NormShield Ticketing System Simplifies Third Party Cyber Risk Remediation

As the only in-house cyber risk ticketing platform, NormShield Ticketing automates workflow to remediate continuous cyber risk monitoring issues. Here is why ticketing is effective in third-party risk management (TPRM) and how NormShield’s new system can help.   Businesses strive to be more organised, focused and efficient. This productivity has a direct impact on costs,…

LEARN MORE

Why the Shared Assessments SCA is the “Swiss-Army Knife” in Your Third Party Risk Assessment Toolbox

Everyone is familiar with the utility of the famous Swiss army knife; a penknife housing several blades and other tools such as files, scissors, and screwdrivers. The Shared Assessments’ Standardised Controls Assessment (previously known as the Shared Assessments’ Agreed Upon Procedure – or “AUP”) is acquiring a similar reputation in assurance circles as it’s been reported to…

LEARN MORE

Vendor Contract Do’s and Don’ts – BitSight Guest Blog

According to an Opus and Ponemon Institute study, 59% of companies have experienced a data breach caused by one of their vendors or Third Parties — while only 16% claim they effectively mitigate Third-Party risks.   Don’t be a part of these alarming statistics: In order to protect your organisation’s valuable information, it’s critical that you set…

LEARN MORE