Third Party Thursday - November 16, 2023

This week's Third Party Thursday is here! Take some time to catch up on third-party risk management happenings. Check out industry articles, educational resources, and more below.

As the impact of data breaches continues to grow, regulators are looking to strengthen cybersecurity practices and create new reporting requirements for vendors. Denmark experienced its largest cyberattack with a third-party ransomware attack on its energy infrastructure. Healthcare also saw one of its largest data breaches with an attack on a third-party provider. It’s crucial to follow third-party risk management best practices to lessen the possibility of data breaches.

Software supply chain security has become a top priority for both developers and CISOs, and it’s increasingly important to assess software vendors before signing a contract. There are key questions to ask technology vendors that can help ensure a productive relationship. Be sure to read all of this week’s news and headlines.?

Read More

Infographic: Creating a Vendor Risk Management Program That Protects Your Organization

Blog: The Power of Third-Party Risk Management in the Energy Industry

Blog: Third-Party Risk Examples

On-Demand Webinar: How to Create and Use Key Third-Party Risk Management Metrics

Infographic: The Differences Between Vendor Assessments, Questionnaires, Due Diligence, and Continuous Monitoring

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Reputation Risk: "How do you screen for vendor reputation risk?" Help Answer
• Online Software Subscriptions/Tools That Refuse to Complete Questionnaires: "We have several small software vendors who refuse to complete due diligence requests unless we become enterprise clients. Are there any best practices or other alternatives to evaluate vendors like this who won't complete due diligence requests?" Help Answer
• Leveraging Data Classification Policies to Drive Informational Risk Assessments: "What are some best practices within a risk assessment questionnaire to capture different categories of information being shared?" Help Answer

How to Manage Vendor Issues and Challenges

Issue management involves identifying, managing, and tracking vendor issues and taking a strategic approach to resolve the problem. A failure to identify and address vendor issues promptly and efficiently will only cause more problems down the line. Register for this session to learn more about issue management.

November 28, 2023 | Basic | 11am ET | Register Now

Regulatory Riddle or Common Sense: Decoding Third-Party Risk Regulatory Perspectives, Themes, and Expectations

In this webinar, we’ll talk through interpreting regulatory requirements and identifying common regulatory themes, thinking like an auditor or regulatory examiner, and self-auditing your third-party risk management program.?

December 5, 2023 | Basic | 11am ET | Register Now

Third-Party Risk Management Best Practices for 2024

Let's finish off the year with a review of the third-party risk management challenges and lessons learned in 2023! We’ll also explore what might be on the third-party risk horizon for 2024 and beyond, as well as some key aspects of an effective third-party risk management program.

December 12, 2023 | Basic | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.