With new, easy to sign up for and install tools, employees may engage a third-party without involving security teams at all or until the very end of the process. Here are a few tips on how to get them aware and onboard with a security assessment.
On January 1, 2020 the California Consumer Privacy Act (CCPA) of 2018 came into effect. Although it impacts thousands of businesses across the country, with stiff financial penalties, many business leaders are still unsure about what it means. This blog looks at some key points of the law and its impact on third-party risk management.
Global Resilience Federation and ThirdPartyTrust establish partnership allowing members to peer-source vendor risk assessments
Reston, VA USA – October 23, 2018 – Global Resilience Federation (GRF) and ThirdPartyTrust today announced a new partnership that provides GRF members the opportunity to peer-source vendor risk management using the ThirdPartyTrust community-oriented platform that advances awareness and minimizes the workload of evaluations.
Last Monday, (9/30) at the LS-ISAO Annual Member Gathering, we had the privilege to help organize a panel about the importance of a legal specific set of controls to help manage your third-party risk management program.
Metrics drive the measure of progress and stand as benchmarks during any assessment, audit or review process. They are the life blood of reporting, but when it comes to vendor risk management, it is not as straight forward as you might think.
ThirdPartyTrust has announced that it has joined the Shared Assessments Program, the member-driven trusted source in third party risk assurance and management. In addition to its membership in the program, ThirdPartyTrust’s platform now supports the Shared Assessments Standard Information Gathering (SIG) questionnaire.
The former CEO of Intel, Brian Kzranich said last month, “Data, I look at it as the new oil. It’s going to change most industries across the board. Oil changed the world in the 1900s. It drove cars, it drove the whole chemical industry,” Krzanich explains.
With growing executive demand for changes to cybersecurity processes and awareness comes inherent challenges to an organization.
Discussions on privacy laws have taken front and center in recent weeks as European Union (EU) member states begin enforcing the General Data Protection Regulation (“GDPR”) on May 25, 2018. As we have been discussing for a while, there is confusion as data collectors try to figure out the impact of this legislation. There is no question…
There remains a significant amount of mis-information and utter chaos regarding the continued use of trusted third parties in support of business operations.