Vendor Risk Management Insights

Part 2: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Control Processes are Broken

Posted by RiskRecon on Nov 18, 2016 11:05:15 AM

In the second part of this two-part blog series, we look at the reality of your risk processes.

The complex, extensive vendor ecosystems in today’s enterprises have impacted the effectiveness of risk control processes. Local or otherwise decentralized IT and business functions procure SaaS solutions on their own, entirely bypassing the formal IT governance process.  Paper-based risk control processes were developed for a time when your vendor population was much smaller, data storage was mostly on premise, and third parties were only a small piece of your security programs.  Today, risk control processes must be adapted to new risk realities.  

Read More

Topics: risk control, trust building, threat investigation, risk exposures, 3rd party risk management, vendor ecosystems

Part 1: Are Your Vendors Walking the Walk? Confronting Risk Realities: Your Measurements Are Incomplete

Posted by RiskRecon on Nov 18, 2016 11:05:02 AM

You just received an updated security attestation from your third-party provider, but the hair on your arms stands straight up when news of the latest hack appears on your screen. Your vendors may talk the talk, but you anxiously wonder if they're walking the walk. Checklist compliance is not good enough.  It's time to confront your risk reality. In part one of this two-part blog series, we look at risk measurement.

Read More

Topics: risk exposures, risk transparency, 3rd party risk management, vendor ecosystems, security attestation, risk measurements

New Call-to-action

Subscribe to Email Updates

Recent Posts