How solid is your Business Continuity Plan? Do you even have one? Various threats such as hardware and software failures, cyberattacks, human error, and yes, natural disasters can take down your business. According to FEMA, 40% of businesses do not reopen after a natural disaster, another 25% fail within one year. Are you prepared? We’ve identified 5 basic steps to building a Business Continuity Plan to ensure you are..
Third Party Data Classification is essential to managing a sustainable and efficient business. For most organizations, vendor classification is typically established during initial onboarding based on what information vendors need to have access to at that point in time. Unfortunately, once set up, rarely do organizations reclassify their vendors, potentially exposing their vendor risk management strategy to unnecessary risk..
Third-party vendor assessments are often considered the cornerstone of any organization’s third-party risk management program. However, as a recent Rsam survey showed, less than 15% of vendors are being assessed. But the real issue is there is a whole ecosystem of third-party vendors not even being considered for assessment..
Rsam sat down with Michael Rasmussen of GRC 20/20 to discuss making a GRC RFP template and creating a business case for GRC Technology..
British Airways had a major cyberattack in 2018. Will they face GDPR fines in 2018? The investigation into British Airways’ data breach is still ongoing, so it’s too early to say what GDPR fines they may be hit with. However, they could face up to £488 million in penalties under GDPR. How would the Equifax breach in 2017 have fared?.
There is no silver bullet that would solve all our problems as it relates to risk management for brand reliance, however there’s one approach that can help organizations address brand risk and it is called Integrated Risk Management (IRM)..
Good Vendor Risk Assessments are critical for avoiding data breaches. Read Rsam's Vendor Risk Management Product Manager's top tips for better vendor risk assessments.
Our CISO survey uncovered that only 5% of respondents said that their IT security metrics were “very effective.” How do we match CISO responsibilities and goals with metrics that work..
Supplier risk management is an important consideration across the organization, not only for the technology team. There are times throughout every organization’s supplier risk management lifecycle when it makes sense to reassess who you’re working with and evaluate their value to the business based on vendor risk management best practices..
Can the NIST Cybersecurity Framework be used for even small companies? The passing of the NIST Small Business Cybersecurity Act says yes..