If a relationship isn’t working, especially with your third-party vendors, it’s important to know when is the right time to break up. Whether you like it or not, the value of your brand and your reputation with your customers is closely tied with third-party vendors you work with. While it may seem difficult to know when to cut ties, it can be done in a systematic way..
Last December JBS Tolleson recalled more than 12 million pounds of beef that sickened hundreds of people.. This news should prompt you to think about your own supply chain risk management practices. Read the 3 big questions you should be asking yourself..
Late last year, Marriott announced a data breach that affected nearly half a billion of its customers. What started as a small breach four years ago should have been the stimulus to uncovering existing vulnerabilities, evaluating processes, and improving cybersecurity for the future..
What are CISOs top questions about Third-Party Risk Management? Chris Murphey sat down with over 150 CISOs on a six city tour finding out. Read his results here..
Rsam sat down with Michael Rasmussen of GRC 20/20 to discuss making a GRC RFP template and creating a business case for GRC Technology..
Can the NIST Cybersecurity Framework be used for even small companies? The passing of the NIST Small Business Cybersecurity Act says yes. Find out how to operationalize the NIST CSF..
Despite working hard to make vendor risk management better, for most organizations it is a continual struggle. One way to help organizations change how to think about this challenge is to reframe how you think about IT vendor risk management and your life outside of work..
How solid is your Business Continuity Plan? Do you even have one? Various threats such as hardware and software failures, cyberattacks, human error, and yes, natural disasters can take down your business. According to FEMA, 40% of businesses do not reopen after a natural disaster, another 25% fail within one year. Are you prepared? We’ve identified 5 basic steps to building a Business Continuity Plan to ensure you are..
Third Party Data Classification is essential to managing a sustainable and efficient business. For most organizations, vendor classification is typically established during initial onboarding based on what information vendors need to have access to at that point in time. Unfortunately, once set up, rarely do organizations reclassify their vendors, potentially exposing their vendor risk management strategy to unnecessary risk..
Third-party vendor assessments are often considered the cornerstone of any organization’s third-party risk management program. However, as a recent Rsam survey showed, less than 15% of vendors are being assessed. But the real issue is there is a whole ecosystem of third-party vendors not even being considered for assessment..