Third Party Thursday - February 16, 2023

Third-party risk news, resources, community discussions, and upcoming webinars have arrived. Check out the information below to stay up-to-date.

A well-known manufacturer is one of the latest malware attack victims. And it’s no surprise to hear that healthcare organizations are susceptible to the most third-party data breaches. With cybersecurity concerns on the rise, it’s surprising to learn that most organizations admit to ignoring threat intelligence when making cybersecurity decisions. Don’t forget that an important component of an organization’s cybersecurity posture is securing its domain name.

The race for consumer privacy laws continues as we inch forward to more state laws becoming effective. Is your organization and its vendors prepared? The SEC recently published a risk alert. Also, the FTC provided the CFPB with an annual summary of activities enforcing the ECOA. Read further in the blog to check out even more of the latest third-party risk management news.?

Read More

Check out recently released content.

eBook: 12 Ways You Can Improve Your Third-Party Risk Management Program

Blog: The Relationship Between Vendor Oversight and Complaint Management

Blog: Advocating for a 2023 Third-Party Risk Management Budget

Checklist: Vendor Contract Renewals

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit www.thirdpartythinktank.com to register and sign in.

• Third-Party Risk Management Staffing Models: "Is there any information regarding industry standards for TPRM staffing models?" Help Answer
• Techniques, Tools, and Technology Used for KPIs/KRIs: "From an Enterprise GRC, Enterprise Risk Management, and Third-Party Risk Management perspective, what/which techniques, tools, and tech are/would be used in the development and maturation of key performance indicators and key risk indicators?" Help Answer
• Management Company: "Should a management company be included in the vendor management program?" Help Answer

Risk-Based Vendor Due Diligence: Identifying Scope, Scale, and Documents

Effectively managing third-party risks requires risk-based due diligence tailored to the product or services as well as the level of risk. In this webinar, learn how to identify the right scope and scale for due diligence, what documents to collect, and how to deal with missing documentation.

?February 21, 2023 | Basic | 2pm ET | Register Now

Vendor Onboarding: How to Do It Correctly

An organization's vendor onboarding process should allow for identification of the right partner and is critical to the success of this future relationship. So, what does effective onboarding look like? In this webinar, learn more about finding new vendors and their subsequent onboarding.

February 28, 2023 | Intermediate | 2pm ET?| Register Now

Managing Your Vendor's Performance: Why It Matters and How to Do It

Vendor performance management is necessary not only to ensure the benefits of the relationship are realized, but is also an essential risk management tool. In this webinar learn more about performance management basics, SLA and KPI development, creating scorecards, and more.

March 7, 2023 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.