Third Party Risk Management - Consultancy, Assessment & Advisory

Blog

A Bright Future for Third-Party Risk Standards and Best Practice

As some of you may know, I have been championing the cause of standards in third-party risk management in the UK for a number of years now. When DVV Solutions originally looked at what standards we should build out our service offering and risk advisory from, there was only one organisation that stood out, and…

ESG in TPRM: Third Party Risk Management Goes Green

There’s no “e” in third party risk management (TPRM), but that’s quickly changing thanks to new environmental regulations, rapidly growing clean-energy investments, changing societal norms and other factors that show no sign of waning. TPRM practitioners should take note, as this trend will likely have profound impacts on most aspects of their work. These changes…

Building the Business Case for a TPRM Tool – Free Expert Guide

Get Practical Guidance and Formulate a Winning Business Case. Building a business case to purchase a vendor risk assessment tool is a big deal. You’re trying to alleviate pain within the organisation…most likely pain that you’re experiencing every day. On the other hand, your executives need to understand how the costs involved will ultimately benefit…

3 Years of GDPR – 661 fines, €292m in penalties

In just 3 years since GDPR became enforceable, over 660 fines and over €290m in penalties have been issued. Whilst British Airways (€22m) and Marriott International (€20m) have naturally grabbed the front pages with high-profile breaches and fines, the fact remains that for each and every organisation any breach of Personally Identifiable Information (PII)…

Your Reputation Is Your Wealth – ESG in the Supply Chain

Imagine cracking open a fortune cookie and finding this sage advice on the paper slip: “Your reputation is your wealth.” A recent Shared Assessments’ Operational/Industrial Technology Risk Management Working Group meeting cracked open this cookie as they examined reputation and explored risk management’s role in preserving it. Reputation is tied to the supply chain. The entire network…

New Automated Index Calculates Supply Chain Ransomware Susceptibility

The Ransomware Susceptibility Index analyses technical and financial data to determine the likelihood of ransomware attacks on third parties, vendors and business partners. Black Kite, DVV Solutions’ cybersecurity ratings partner, today released the first automated ransomware service that assesses the likelihood of a ransomware attack on organisations and their vendors, suppliers, and business partners. The Ransomware Susceptibility Index…

Vendor Risk Management & ESG Related Risk

The Emerging Importance of ESG-Related Risk. Environmental, social, and governance (ESG) and its role in vendor risk management have gained prominence this past year as awareness of environmental and social issues grows. ESG helps examine how an organisation contributes to and performs on environmental, social, and ethical challenges, and the overall governance of the organisation. ESG touches on issues ranging from human…

Seven Sins In Enterprise Cybersecurity That Will Cost You More In The Long Run

To better protect organisations in today’s cyber landscape, a seemingly infinite number of cybersecurity best practices and recommendations have evolved into more formal industry-wide frameworks and regulations. While some organisations have found themselves ahead of the curve, new policies create an obstacle for many, especially those ill-prepared for digitisation in the first place. Too many companies…

The Intersection of Third-Party Risk and Cybersecurity Program Management – Guest Blog

According to a recent BlueVoyant, Opinion Matters global study of 1,500 CISOs, CIOs, and CPOs, 29 percent say they have no way of knowing if cyber risk emerges in a third-party vendor; and only 22.5 percent say they monitor their entire supply chain. Without this key insight into their vendors, it’s no wonder that CISOs…

Nth Party Suppliers – Gaining a Toehold on Down Chain Providers

Supply chain sovereignty depends on a high degree of visibility in order to identify critical dependencies and then apply a consistent set of principles for monitoring of parallel (redundant) processes and other elements required for resilience across both inbound and outbound supply chains. How to accomplish this remains a nagging question at the practitioner level….
