Gartner 2017 IT Vendor Risk Management Magic Quadrant Sheds Light on Common Challenges

Nearly every risk and compliance leader agrees that managing vendors isn’t easy. Some enterprises have tens of thousands of vendors across the world. Automation and adaptability are the keys to success. Gartner has just published its 2017 IT Vendor Risk Management Magic Quadrant. Enterprises use it to help them navigate the often complex path to reducing risk from vendors. Rsam is named a Leader in this publication.

The results of a recent survey, the “2017 Secure Access Threat Report” (published by Bomgar), show just how great the concerns are about third-party risk. It states that, on average, 181 vendors are granted access to a company’s network in a single week. Other key stats gathered from respondents include:


  • 67 percent have already experienced a data breach that was ‘definitely’ (35 percent) or ‘possibly’ (34 percent) linked to a third-party vendor
  • 66 percent of security professionals admit that they trust third-party vendors too much
  • 34 percent of respondents are totally confident that they can track vendor log-ins
  • 37 percent say they can track the number of vendors accessing their internal systems

With so much at risk, it takes only one vendor with poor controls to cause damage. Rsam recommends that organizations automate as many processes as possible, make it easier for vendors to participate, and integrate with assessment exchanges when possible.