Vendors have enormous power to affect the success or failure of your business. As more organizations outsource business-critical functions to SaaS providers who host their service in the cloud, they unintentionally expose themselves to 3rd party risk..
If a relationship isn’t working, especially with your third-party vendors, it’s important to know when is the right time to break up. Whether you like it or not, the value of your brand and your reputation with your customers is closely tied with third-party vendors you work with. While it may seem difficult to know when to cut ties, it can be done in a systematic way..
Last December JBS Tolleson recalled more than 12 million pounds of beef that sickened hundreds of people.. This news should prompt you to think about your own supply chain risk management practices. Read the 3 big questions you should be asking yourself..
What are CISOs top questions about Third-Party Risk Management? Chris Murphey sat down with over 150 CISOs on a six city tour finding out. Read his results here..
Can the NIST Cybersecurity Framework be used for even small companies? The passing of the NIST Small Business Cybersecurity Act says yes. Find out how to operationalize the NIST CSF..
Despite working hard to make vendor risk management better, for most organizations it is a continual struggle. One way to help organizations change how to think about this challenge is to reframe how you think about IT vendor risk management and your life outside of work..
Third Party Data Classification is essential to managing a sustainable and efficient business. For most organizations, vendor classification is typically established during initial onboarding based on what information vendors need to have access to at that point in time. Unfortunately, once set up, rarely do organizations reclassify their vendors, potentially exposing their vendor risk management strategy to unnecessary risk..
Third-party vendor assessments are often considered the cornerstone of any organization’s third-party risk management program. However, as a recent Rsam survey showed, less than 15% of vendors are being assessed. But the real issue is there is a whole ecosystem of third-party vendors not even being considered for assessment..
There is no silver bullet that would solve all our problems as it relates to risk management for brand reliance, however there’s one approach that can help organizations address brand risk and it is called Integrated Risk Management (IRM)..
Good Vendor Risk Assessments are critical for avoiding data breaches. Read Rsam's Vendor Risk Management Product Manager's top tips for better vendor risk assessments.