Third Party Thursday - March 23, 2023

We've gathered third-party risk management news and resources that you should check out to be in the know. Take a few minutes to look at the information below.

This week, there’s talk around the Federal Reserve and other agencies working together to develop new third-party risk management guidance and the SEC announced the proposal of three rules that are designed to standardize cybersecurity risk disclosures and enhance financial stability. EDUCAUSE has asked the U.S. Department of Education to rescind the recent guidance letter that changed the interpretation of its “Third-Party Servicer” regulations. With Silicon Valley Bank and Signature Bank both recently falling, the cybersecurity market is looking into the potential consequences this may have caused.

Long gone are the days cybersecurity falls on one person or title – effective cybersecurity is a group effort. And cybersecurity is a large priority for the federal government, but there’s still a major gap that needs to be addressed...?third parties! Iowa’s new, comprehensive consumer privacy law passed, making Iowa the sixth state to enact a state privacy law. To wrap up, did you know the UK saw a surge in ransomware attacks in 2022? There’s plenty of news to be aware of this week, so be sure to read more.?

Read More

Infographic: Benefits and Best Practices of Mid-Term Vendor Contract Reviews

Blog:?Vendor Site Visits: When, Why, and Examples

Blog: Prioritize Continuous Vendor Risk Monitoring

Press Release:?Venminder Named a Best Place to Work in Kentucky 2023

Podcast: Vendor Financial Importance in Today's Business Climate

Press Release: Venminder Recognized as a 2023 Gartner Peer Insights? Customers’ Choice for IT Vendor Risk Management in North America

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit www.thirdpartythinktank.com to register and sign in.

• Third-Party Cybersecurity Control Requirements: "We're in the process of establishing a third-party control requirements document that would define the cybersecurity controls that our third parties would be required to have. How have others handled these requirements? Has it been difficult to provide evidence of adherence to these requirements?" Help Answer
• Referral Relationships: "My organization is considering entering into a relationship where we would refer customers to a student loan organization website. Our organization wouldn't be sharing any information directly. What type of due diligence should we require from the student loan organization in this type of relationship?" Help Answer
• On-Site Due Diligence Checklist for Business Process Outsourcing:?"We're trying to set up a governance framework on our centers of excellence that includes periodic on-site due diligence. Does anyone have a guide on periodic on-site due diligence?" Help Answer

The Silicon Valley Bank Collapse: Understanding Your Vendors' Banking Relationships and Operational Resiliency

Join this webinar that will discuss what your next steps should be after the SVB collapse and a proactive approach to talking with your vendors. Also gain a bigger picture of your vendors' financial health and operational resiliency.?

March 30, 2023 | Basic | 11am?ET | Register Now

Vendor Financial Red Flags Your Credit Union Should Watch For

As part of TPRM, you should periodically review your vendor's financial statements and monitor financial performance. To protect your credit union, you'll learn some red flags to watch for related to financial health so you can take the appropriate action to reduce that risk.?

March 30, 2023 | Basic | 2pm ET | Register Now

Fourth-Party Risk: What to Know and How to Manage It

Third-party risk management doesn't stop with your third parties. Do you know who your fourth parties are and the risks they pose to your organization? In this webinar, learn more about fourth and nth-party relationships and what it takes to identify them and manage their associated risks.

April 4, 2023 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.