Third Party Thursday - August 8, 2024

Take a few minutes out of your busy day to check out the latest third-party risk management news, resources, upcoming CPE credit eligible webinars, and more below.

A third-party app leaked organizations’ data through a public web directory and third-party data access has become a top concern for security professionals. Healthcare organizations were recently urged to improve medical supply chain cybersecurity. The aviation industry is also facing increased third-party risks, according to a study.

Organizations spend an average of $2.5 million in ransomware payments. Hardware supply chains are being increasingly targeted by nation-state actors. A ransomware group was able to impersonate a website to try to trick IT employees and a new Windows vulnerability is targeting older systems, emphasizing the importance of updating systems. A tabletop exercise showed how vendor concentration risk can negatively impact government agencies. Read more on this week’s third-party risk management news.?

Read More

eBook: Using KPIs to Maintain Strong SLAs in Vendor Relationship

Press Release:?Venminder Unveils Enhanced SOC Assessment to Strengthen Vendor Control Evaluations

Blog: Vendor Risk Management in the Pharmaceutical Industry

On-Demand Webinar:?What You Need to Know About Vendor Business Continuity, Disaster Recovery, and Pandemic Planning

Checklist: Third-Party Risk Management Audit or Regulatory Exam

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Foreign Branch Outsourced Head Office (Headquarters) Services (Risk Management and Audit): "Our organization is going to open a new branch in a foreign country and we would be handling the risk management audit function from headquarters. There is some concern if this presents a conflict of interest. What is your advice to address conflict of interest?" Help Answer
• Attorneys for Loans: "We are looking to onboard an attorney for our commercial loan department. This would be the first time we are onboarding an attorney for this person. Has anyone been in this situation?" Help Answer
• Standards for Vendor Risk Criteria and Ongoing Monitoring: "Does anyone have any template for standards in vendor criteria and ongoing monitoring?" Help Answer

How Fourth Parties Impact Your Credit Union

Have you considered who your fourth parties are? They could be playing a crucial part in your operations or even have access to sensitive data that belongs to your members. In this session, we'll discuss the importance of understanding your fourth-party vendors.

August 13, 2024 | Basic | 2pm ET | Register Now

Risk-Based Vendor Due Diligence: Identifying the Proper Scope, Scale, and Documents

Performing risk-based vendor due diligence can help your organization effectively manage risks. But what does risk-based due diligence entail? Learn how to identify the right scope and scale for vendor due diligence and more.

August 27, 2024 | Basic | 2pm ET?| Register Now

Who Should Be Involved in Third-Party Risk Management

The third-party risk management process requires multiple stakeholders' involvement to ensure it runs smoothly. In this session? we'll discuss the different roles and responsibilities involved including who owns the risks associated with third parties, who's responsible for the TPRM framework, and more.

September 5, 2024 | Basic | 2pm ET | Register Now

Blog: Third Party Risk Association - How to Determine Residual Third-Party Risk and Next Steps

Blog:?Provider Trust - 5 Reasons Why HITRUST Certification Matters

Blog:?LMG Security - It's Time to Update Your Incident Response Playbook

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.