CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

News

Replay our Fireside Chat: Key success factors in building a TPRM program – 23/03/22

The global epidemic, geo-political tensions and continuous data breaches such as SolarWinds and NotPetya have highlighted the importance of maintaining smooth supply chain operations. This is coupled with increasing regulatory pressure being placed on demonstrable risk assurance efforts, including the impending PRA Operational Resilience requirements and EU’s DORA Act. How can we address these challenges…

LEARN MORE

Webinar Replay: Aligning a Third-Party Risk Strategy Across Security, Privacy, Ethics, and ESG

Third-party risk management (TPRM) is a common thread that spans security, privacy, ethics, and ESG. However, these teams and leaders often do not collaborate to achieve a shared mission: reduce third-party risk. As the requirements for each individual risk domain increase, it’s not enough to have a tunnel-vision strategy to track and address vendor risks….

LEARN MORE

OneTrust White Paper: The Business Value of Third-Party Risk Management Software

The increased reliance on third-party vendors for businesses to advance digital transformation has never been more important than now. However, the swift adoption and complex vendor relationships can leave gaps in how organizations properly vet and track their third parties that are both comprehensive and efficient. These gaps can increase your exposure to risk and…

LEARN MORE

Data Privacy Week – A timely reminder of the principles and importance of GDPR 3rd Party Compliance

January 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…

LEARN MORE

Black Kite report delivers trends, root causes and lessons learned from 2021 third-party breaches

In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…

LEARN MORE

DVV Solutions recognised as Assurance Leader with “Guided by SCA 2022” certification

The Shared Assessments Program has further endorsed DVV Solutions’ credentials as a leader in Third-Party Risk Management with it latest “Guided by SCA 2022” certification. Shared Assessments SCA Guidelines are intended for use by organisations and third party risk practitioners to ensure consistency related to the execution and reporting of results from third party risk…

LEARN MORE

Track LOG4J Vulnerabilities in your Cyber Supply Chain – Black Kite Adds LOG4J Status Tags For Third-Parties

Late last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed.  The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…

LEARN MORE

Aligning Internal Cybersecurity with Third-Party Risk – ProcessUnity White Paper

Aligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…

LEARN MORE

Download your copy of Supply Wisdom’s Third-Party Risk Management eBook

Faced with increasing disruption risks from more sources in more locations, CROs are urgently exploring new strategies and technologies to mitigate third-party risk and ensure resiliency.  The Risk Officer’s Precise Guide to Accelerating Full-Stack Continuous Third-Party Risk Management eBook addresses this pressure on risk management executives, specifically: Problem: Legacy based TPRM practices are unable to effectively mitigate today’s risks of…

LEARN MORE

Black Kite Platform Wins Dual Risk Management Innovation Awards

Black Kite, the standard in third-party cyber risk ratings, has won the CISO Choice Award for Risk Management for a second consecutive year. Granted by a distinguished panel of judges from the CISOs Connect community, the win comes just weeks after Black Kite was named the 2021 Risk Management Innovation of the Year by the…

LEARN MORE