NERC CIP-013 and the Impact of New Regulations in the Industry
In Utilities, there’s a saying that “Safety is everybody’s business”. At some level, cybersecurity is becoming a part of everyone’s job too.
Quantifying Your TPRM Program: Business Impact and Vendor Scoring
A consistent scoring system for quantifying your TPRM program will improve decision-making, enhance visibility, and demonstrate the value of your strategy.
NERC CIP-013-1 and Cyber Supply Chain Risk Management in the Energy Industry
As of October 1st, 2020 energy organizations will have to focus on addressing specific third-party cybersecurity risks. This blog looks at some key points of the standard and how TPRM technology can help complyi.
5 Common Mistakes When Building a Third-Party Risk Management Program
Here are five common mistakes to avoid along with our tips for building the TPRM program in a way that best serves your organization and the people who work within it.
Obtaining and Retaining Executive Buy-in To Your Third-Party Risk Management Program
Tone at the top is critical. Here are seven tips for obtaining and maintaining the support you need from the C-suite
Improving Communication With Third-Parties For a Successful TPRM Program
It’s hard to set expectations and discuss findings via email. Here’s how to improve communication with third-parties for a successful TPRM program.
Why the OWASP Top 10 can be an ally to your organization
The OWASP Top 10 is a good starting point for detecting possible issues around third-party components. So how does it relate to TPRM?
A Buyer’s Guide to Third-Party Risk Management: Get Our Free eBook
We gathered the questions you might need to ask to find the right tool. Download our Buyer’s Guide to Third-Party Risk Management ebook for free!
Third-party risk assessments in Legal: SIG, SOC-2, ISO 27001 and other stories
With all the different types of certifications and risk assessments in Legal, what’s the definite proof that a third-party can be trusted?
How to think of your TPRM program from a governance perspective
Sometimes, risk accountability is shared among multiple areas or business owners. So how to build a central program to be deployed across the organization?