Third Party Thursday - March 21, 2024

Spring has sprung! What are you looking forward to most with warmer weather around the corner? In the meantime, check out the latest third-party risk industry news, resources, community happenings, and upcoming webinars below.?

A technology company recently experienced a third-party data breach and an IT services provider was the victim of a malware attack. A helpful way to ensure vendor cybersecurity are contractual standards. There are also tips to advocate for cybersecurity at a board level and best practices to follow to mitigate supply chain risks. And the U.S. will begin rolling out a cybersecurity labeling program for smart devices.

The EU passed the world’s first comprehensive artificial intelligence legislation, known as the AI Act. New Hampshire became the?next state to pass a privacy law, and the Department of Health and Human Services revised its tracking technology guidance. Organizations can also prepare for HIPAA Security Rule changes coming this spring. Read all of this week’s third-party risk management news.

Read More

Infographic: What to Do If a Vendor Has Weak Business Continuity and Disaster Recovery Plans

Blog:?Third-Party Risk Management Requirements of NIST Cybersecurity Framework 2.0

Blog: SEC Climate-Related Disclosure Requirement Highlights and Third-Party Considerations

On-Demand Webinar:?How to Review Your Vendor's Financial Health: A Walkthrough of Financial Documents

Interview: Rachael Ormiston, Head of Privacy at Osano

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Risk Assessment of Vendor Management Program: "Does anyone have a risk assessment that you use on your vendor management program to assess how well you program is operating" Help Answer
• FFIEC Reviews of Third Parties: "Are other banks performing an FFIEC review of their third-party vendors? If so, how are you determining the scope of your review with your regulators?" Help Answer
• Risk Mitigation Plans: "Regarding your organization's internal risk mitigation process, what does the workflow look like to inform internal stakeholders on agreed remediation?" Help Answer

The Third-Party Risk Management Lifecycle: Managing Vendor Risk From Start to Finish

The third-party/vendor risk management lifecycle is the foundation for effective third-party risk programs across industries and organizations of all sizes. In this webinar, we'll cover each lifecycle stage in detail.?

April 2, 2024 | Basic | 2pm ET | Register Now

Third-Party Risk Management Bootcamp

In this three-day virtual bootcamp, industry experts will cover an in-depth look at the third-party risk management lifecycle, vendor risk management best practices, fourth-and nth-party vendors, vendor financial health, AI, and much more. Grab your camping chair and save your seat today.

April 16-18, 2024 | Basic | 1-3pm ET | Register Now

Protecting Your Credit Union With Vendor Risk Assessments

Vendor risk assessments are important for credit unions, as they offer detailed information about how vendors handle risk. In this session, we'll discuss what you need to know and do to ensure your assessments are effective, timely, and meet regulatory requirements.

April 30, 2024 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.