Blog

Third Party Risk Management - Meeting the Expectations of the Board

With the strategic importance of engaging third parties in today's business landscape, coupled with the level of risk that they can bring to the enterprise, it should not be surprising that third party risk management is attracting greater focus from the C-suite and the Board of Directors.

According to the Institute of Collaborative Working, up to 80% of direct and indirect operating costs of a business can come from third parties, while up to 100% of revenue can come from alliance partners, franchisees and sales agents.

Download e-Book

Read More

Topics: third party risk management, board of directors, governance, board accountability, third party governance, benchmarking

Bribery & Corruption - “societal action v. unenforced regulation”

At the moment, the international approach to enforcement around bribery and corruption can seem uneven, at best and perhaps lax, at worst.

Read More

Topics: FCPA, Anti-Bribery and Anti-Corruption, third party risk management, Corruption Enforcement, Corruption, Fraud, Bribery, compliance programs, reputational risk, uk bribery, uk sfo

Three ways the Internet of Things and the GDPR will impact Third Party Risk

As the Internet of Things (IoT) evolves, it will offer organizations the opportunity to create an unprecedented range of potential products and services. By embedding the internet into computer systems inside of cars, appliances, and other physical things, manufacturers will be able to offer new functionality as well as additional services. Smart homes and intelligent cars are already on the consumer market in many countries. Applications for this technology in a business-to-business environment are equally promising.

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, information security, cybersecurity, cybersecurity regulation, cyber-security, cyber risk, cyber regulation, internet of things, IoT

Five Top Trends in Cybersecurity Regulations

Cyber and information security is considered by some to be the biggest challenge organizations collectively face today. A recent study conducted by Juniper Research predicts the cost of data breaches to reach $2.1 trillion globally by 2019. These incidents – whether they are caused by criminals, foreign governments, or hacktivists – can be costly for organizations, distressing for consumers, and create the possibility of real systemic damage to whole industries; even nations. So, it’s hardly surprising that regulators and legislators around the world are moving into action.  

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, information security, cybersecurity, cybersecurity regulation, cyber-security, cyber risk, cyber regulation

Aravo and SecurityScorecard Partner to Improve Actionable Third Party Cybersecurity

We are delighted to announce the integration of the Aravo Enterprise platform with SecurityScorecard’s platform, to provide a fully integrated solution for enhanced third party cyber-risk management.

Read More

Topics: third party risk management, Data Security & Privacy, cybersecurity, SecurityScorecard

Whetting the Appetite in Third Party Risk

A snapshot of the results of two new audience surveys suggests that the concept of “risk appetite” within the third-party risk management framework is still finding its feet. Attendees at a pair of June New York and London conferences, aimed at the financial services industry’s third party risk professionals, responded very similarly to three key questions.

Read More

Topics: risk and compliance, Financial Services, third party risk management, compliance programs, risk management, governance, reputational risk, compliance risk, tprm, event, third party risk, EMEA, survey, risk appetite

Expert Series Podcast - Pt. 3 - Looking toward the future with GDPR & Third Party Risk – with consideration to privacy regulations in other countries

 
Read More

Topics: third party risk management, Data Security & Privacy, GDPR, General Data Protection Regulation, cybersecurity, data privacy, corporate regulation, podcast

Evaluating Third Party Risk and Performance

Best practice approaches to risk and performance scoring and automated workflow

As businesses have evolved and matured, so too has their approach to third parties. In the past, companies focused more on transactional ‘supplier’ relationships, typically for raw materials or ‘parts’. However, today third party relationships form a much deeper and far-reaching part of the strategic and operational ecosystem of any Global 2000 organization.

DOWNLOAD THE WHITE PAPER

Read More

Topics: risk and compliance, third party risk management, Global 2000, compliance risk, tprm, business complexity, scale, business change, business scale, white paper, third parties, risk-scoring, performance scoring, automated workflows, risk dashboard

Expert Series Podcast - Session 2 - A Deeper Dive into GDPR & Why Organizations Need To Be Thinking about Third Party Risk

Session 2 of 3 (approx. 15 minutes)

I had the great pleasure to speak with Simon McDougall, GDPR expert and Managing Director at Promontory Financial about GDPR & Why Organizations Need To Be Thinking About Third Party Risk. Simon shared insights around GDPR best practices, possible blind-spots, and approaches for Board members, C-suite and middle-management.

Read More

Topics: third party risk management, Data Security & Privacy, GDPR, General Data Protection Regulation, cybersecurity, data privacy, corporate regulation

Board Reporting, Risk Scorecards, Cybersecurity and more – takeaways from CEFPROs Vendor and Third Party Risk USA Conference

Earlier this month, I attended and chaired at the Center for Financial Professional’s conference on Vendor and Third Party Risk USA in New York. The two-day event highlighted the complexity that third party risk managers face, with topics as far ranging as cyber-risk at fourth parties, to applying third party risk frameworks to intra-company organizations. The event also demonstrated that the discipline is having to evolve and mature fast in order to keep pace with the changing digital landscape as well as ongoing regulatory change. Here are my top takeaways from the event, which I hope you will find of interest.

Read More

Topics: Anti-bribery & Anti-corruption, risk and compliance, Financial Services, third party risk management, Responsible Sourcing, compliance programs, business case, High Technology, risk management, governance, reputational risk, compliance risk, tprm, event, third party risk, EMEA