Third Party Risk Management - Consultancy, Assessment & Advisory

Newsroom

UK PRA Guidelines: New Strategies for Operational Resiliency and Supplier Risk Management

It goes without saying that operational resiliency and supplier risk management go hand in hand. Organisations need to adapt, respond to, and recover from disruptions that occur both internally and externally in order to be successful. In recent years, financial regulators globally have been putting a stronger emphasis on operational resiliency and business continuity, leading to an influx of new guidelines for…


Four Ways Automation Can Transform Your Third-Party Cyber Risk Management Strategy

Supply chains are growing at an annual rate of 11.2% and are forecasted to double in size by 2026. Growing supply chains inherently pose greater supply chain risk and require a scalable approach to vendor risk management. Cyber risk monitoring solutions not only identify 40% more threats than conventional security, they offer a handful of other benefits. 1. AUTOMATION REDUCES HUMAN…


ProcessUnity achieves “Leader” hat-trick in Gartner IT Vendor Risk Management

Congratulations go to our TPRM automation partner ProcessUnity as Gartner® has positioned them in the “Leader” Quadrant of the 2021 Magic Quadrant™ for IT Vendor Risk Management Tools for the third consecutive year! Gartner® Magic Quadrant™ for IT Vendor Risk Management 2021: The 2021 Gartner Magic Quadrant for IT Vendor Risk Management Tools evaluates the…


Assessing and Mitigating ESG Risks in the Third-Party Supply Chain

An Effective ESG Risk Assessment Framework is Critical to Business Success. In recent months, emerging governmental and regulatory disclosure requirements, as well as societal attention to diversity, inclusion and equity, have accelerated the need to successfully incorporate Environmental, Social and Governance (ESG) factors into your Procurement and Third-Party risk assurance programs. Will simply adding ESG…


Managed Security and the 3rd Party Cyber Risk Opportunity

The issue of cyber risk has grown in importance over the last few years. But it’s not enough to consider the cyber security of your organisation by traditional boundaries. You need to consider the security of your whole business ecosystem, including your third-party suppliers and vendors. This latest report from the Managed Security Forum…


What the European Banking Authority Guidelines Mean for Supplier Risk Management

Using the EBA guidelines to streamline your supplier risk management program. Simply stated, financial services faces enormous risk in an age when attack surfaces are expanding exponentially. All too often, these risks, and the regulations introduced to mitigate them, become barriers to innovation. To help pave the way towards better risk management, the European…


Webinar Replay: The Emerging ESG Regulatory Challenge for Third-Party Risk Management

ESG Risk & Compliance – The Emerging Regulatory Challenge for TPRM. Organisations are seeing an ever-increasing risk and impact from localised events that are not only disrupting the resilience of their global supply chains but posing significant risk to the reputation of their businesses. Meanwhile, governments and regulators are cranking up the heat with targets…


What is Fourth Party Risk and How to Manage it

As we’ve seen in recent events such as the SolarWinds hack, third-party risk poses a serious threat to business continuity. What the incident also demonstrated is that fourth party risk, or the risk posed by a contracted vendor’s third parties, can equally threaten data security and operations. Your organisation may have integrated a robust third party risk management program (TPRM) – but what if keeping an eye on your…


Kaseya – The early indicators of trouble

From reports of numerous former employees, Kaseya leaders knew of and failed to address cybersecurity concerns going back to 2017 (Kaseya Failed to Address Security Before the Hack). Unfortunately, as a result, 1500 managed service providers, and possibly more, experienced significant disruptions due to the ransomware attack. For those 1500+ companies, the million-dollar, or in…


A Deep Dive into the Digital Operational Resilience Act (DORA)

The European Union (EU) will soon launch a new regulation that will require banks and firms in the global financial industry to mature their third-party risk management programs to include set cybersecurity requirements – which will also apply to the critical Information and Communication Technology (ICT) service providers they are working with. The timeframe for…
