CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

Newsroom

The Intersection of Third-Party Risk and Cybersecurity Program Management – Guest Blog

According to a recent BlueVoyant, Opinion Matters global study of 1,500 CISOs, CIOs, and CPOs, 29 percent say they have no way of knowing if cyber risk emerges in a third-party vendor; and only 22.5 percent say they monitor their entire supply chain. Without this key insight into their vendors, it’s no wonder that CISOs…

LEARN MORE

Nth Party Suppliers – Gaining a Toehold on Down Chain Providers

Supply chain sovereignty depends on a high degree of visibility in order to identify critical dependencies and then apply a consistent set of principles for monitoring of parallel (redundant) processes and other elements required for resilience across both inbound and outbound supply chains. How to accomplish this remains a nagging question at the practitioner level….

LEARN MORE

ProcessUnity VRM Essential Edition Brings Full-Featured TPRM Automation to Small and Mid-Size Organisations

ProcessUnity has today introduced ProcessUnity VRM Essential Edition, a new version of its flagship vendor risk management software aimed at helping smaller organisations identify and remediate risks posed by third-party service providers. This newest offering combines ProcessUnity’s award-winning automation tools with a complete baseline program that automates vendor onboarding, due diligence and ongoing monitoring. “Small and medium-sized…

LEARN MORE

Five Steps to Protect Your Supply Chain: A Board-Level Perspective

Last month, the cybersecurity industry faced its latest major attack through a third-party IT management software company, SolarWinds. This breach reinforces the fragility of not only the software supply chain, but  the entire third-party vendor ecosystem. As more information comes to the surface about the true depth and  breadth of the breach, it is glaringly…

LEARN MORE

Webinar Replay: Automating Supply Chain Risk Incident Actions and Response

Automating Supply Chain Risk Incident Actions and Response Many companies are increasing risk budgets in response to COVID-19’s wide-scale disruptions in 2020 and expanding their Risk Intelligence programs. Unfortunately, many widely used third-party risk management practices such as point-in-time assessments and one-time health reviews were ineffective as the situation and risks continued to change and…

LEARN MORE

Credit Union Industry Risks Significant Financial Impact Due To Cybersecurity Vulnerabilities – Black Kite Report

New report reveals leaked credentials, legacy systems and vendor vulnerabilities as greatest sources of cyber risk for Credit Unions. Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to the 2021 Third-Party Risk Pulse: Credit Unions and Vendor Ecosystems report released by Black Kite today. The research analysed…

LEARN MORE

Return to the Workplace… What if They Say No? – Guest Blog

With the rollout of vaccination programs, many companies are now putting together their post-pandemic Return to the Workplace (RTW) plans. While executives are busy discussing theories, approaches and concerns for a smooth return to the workplace, I believe there’s something they haven’t spent enough time considering, and that’s the human factor. How do employees feel…

LEARN MORE

Nth Party Risk Concepts – How Low Should You Limbo?

The recent Shared Assessments “Taking the Pulse of Nth Parties in a Post-COVID World” webinar brought together a capable panel of risk experts to discuss Nth Party Risk concepts. With close to 100 combined years of experience in the Third Party Risk Management field, speakers included Brad Keller (SVP & CSO, Shared Assessments), Sean O’Brien (Managing Director, DVV Solutions), James…

LEARN MORE

Understanding The Frailty Of The Software Supply Chain

In December 2020, the cybersecurity industry faced its latest attack – SolarWinds. This hack reinforces the frailty of not only the software supply chain but the third-party vendor ecosystem. As more information is uncovered, it is becoming clear that this extensive ecosystem of vendors is the gateway for attackers to move laterally from network-to-network. Tackling…

LEARN MORE

Register Now: Automating Supply Chain Risk Incident Actions and Response Webinar

Automating Supply Chain Risk Incident Actions and Response Many companies are increasing risk budgets in response to COVID-19’s wide-scale disruptions in 2020 and expanding their Risk Intelligence programs. Unfortunately, many widely used third-party risk management practices such as point-in-time assessments and one-time health reviews were ineffective as the situation and risks continued to change and…

LEARN MORE