Shared Assessments, the trusted source in Third Party risk, today released the latest version of the Program Tools for 2018, which are now available for download via the Members Resources area of the Shared Assessments website. The Shared Assessments 2018 Program Tools are an important component of the Shared Assessments Third Party Risk Management Framework, and…
LEARN MOREIs a one-off annual Third Party risk assessment enough? The 2017 Ponemon Cost of Data Breach Survey found that 63% of companies don’t have plans to update their Third Party risk assessments on an ongoing basis. If you rely only on one-time assessments you risk missing critical information about your suppliers that can affect…
LEARN MOREBest Practices for Reducing Third Party Risk The simple truth is that the security measures organisations put in place are not enough to protect them from threats of Third Party risk. Third Parties can present the greatest area of risk exposure — both for data security and for regulatory compliance. It is much easier for…
LEARN MOREUnderstanding the Bar Council GDPR guide and what GDPR means for Barristers, Chambers and Legal Firms A few thoughts on the Bar Council GDPR guide notes and Third Party Risk compliance. In October 2017 the Bar Council issued a GDPR guide for Barristers and Chambers that outlined the key issues and requirements for regulatory compliance….
LEARN MOREPCI DSS Third Party Risk continued…. In our previous blog (PCI DSS Third Party Risk – Compliance and Liability in an Outsourced Payment Processing model) on the importance of being Payment Card Industry Data Security Standard (PCI DSS) compliant when using a Third Party service provider (TPSP) we highlighted the issue that PCI non-compliant organisations…
LEARN MOREPCI DSS Third Party Risk The use of Third Party service providers (TPSPs) to process credit card payments is increasingly popular given the cost and operational efficiencies it represents and the perception of short-cutting the costly burden of Payment Card Industry Data Security Standard (PCI DSS) compliance. In this series of blogs we’ll take a…
LEARN MOREA few thoughts on Fourth Party Risk Management. We all know the drill. It’s time for some annual festivity, frivolity and fake fir trees. Without wanting to sound like the Grinch, there is one thing that doesn’t take a holiday. RISK! We hope that by now the mix of media attention, ICO & GDPR guidelines…
LEARN MOREShared Assessments, the trusted source in Third Party risk, today released its GDPR Data Processor Privacy Tool Kit, another resource in the “Building Best Practices” series. The GDPR Data Processor Privacy Tool Kit provides preliminary guidance for both data controllers and data processors to effectively evaluate and manage Third Party processor risk under the European Union…
LEARN MOREOne Step Ahead of Uncertainty: GDPR and the Supplier IT Risk Landscape Following DVV Solutions’ participation at ILTA INSIGHT 2017 we are pleased to share the recording of our panel discussion on GDPR and the implications for managing Supplier IT Risk: Synopsis Is GDPR a blessing and a curse? There is inevitably a lot of…
LEARN MOREThis White Paper from Shared Assessments discusses what Third Party Risk Rating is, what Risk Rating is needed and how an organisation can apply Risk Rating best practices as part of their Third Party Risk Management (TPRM) Abstract Risk rating of third party providers is an essential aspect of a comprehensive risk management program. When…
LEARN MORE