Third Party Thursday - October 10, 2024

We've gathered third-party risk management news and resources that you should check out to be in the know. Take a few minutes out of your busy day to check out the information below.

The Financial Industry Regulatory Authority (FINRA) highlighted third-party cybersecurity risks in an advisory. The Office of the Comptroller of the Currency (OCC) listed third-party risks as a key focus area, particularly fintech relationships. Ivanti warned organizations of three vulnerabilities being actively exploited and advised to update to the latest version.

A third-party ransomware attack impacted customers at Comcast. Cybersecurity and third parties are becoming a bigger risk in the insurance industry. Organizations should consider following third-party risk management best practices to help prevent third-party cybersecurity incidents. Read this week’s third-party risk management news here.?

Read More

eBook: How-to Guide: Determining Third Parties or Vendors That Are In Scope and Out of Scope

On-Demand Webinar:?Third-Party Risk Management Bootcamp

eBook:?How Outsourcing Benefits Both New and Maturing Third-Party Risk Management Programs

Blog:?Supplier Business Continuity Planning: Ensuring Operational Resilience

Blog: 4 Benefits of Outsourcing Third-Party Risk Management

Blog:?Mastering Operational Risk: A Guide for Financial Institutions

Infographic: 7 Layers of Protection Against Third-Party Cybersecurity Risk

Check out the latest discussions in our complimentary online community dedicated to third-party risk professionals. Visit?www.thirdpartythinktank.com to register and sign in.

• Critical Vendor Tasks: "For critical vendors, does anyone collect a GLBA Privacy Statement and Information Security Policy from your vendors annually as part of your ongoing monitoring?" Help Answer
• Exempt Third Parties: "Are there certain vendors your organization excludes from inputting into third-party software?" Help Answer
• Beneficial Ownership: "How many organizations collect beneficial ownership information in the inherent risk assessment/intake form when onboarding a vendor?" Help Answer

Staffing Your Third-Party Risk Management Program

Third-party risk management programs often struggle with understaffing, hindering their ability to function optimally. In this session, we'll discuss the factors your organization must consider to appropriately staff your third-party risk management function.

October 15, 2024 | Intermediate | 2pm ET | Register Now

Understanding the Elements of Your Vendor's Cybersecurity Program

In today's world, cyberattacks and data breaches are becoming more common, so it's essential to understand the cybersecurity program of your vendors. In this session, we'll discuss vendor cybersecurity posture and its importance, what you should be requesting and reviewing from your vendors, and more.

October 24, 2024 | Basic | 11am ET?| Register Now

Using SLAs and KPIs for Effective Vendor Performance Management

Vendor performance is an essential part of third-party risk management, and SLAs and KPIs are valuable tools in the performance management process. In this informative session, we'll provide an overview of the vendor performance management process, how to monitor and manage performance, and more.

November 5, 2024 | Intermediate | 2pm ET | Register Now

Like what you read? Don't forget to click 'Subscribe' in the top right corner of the page for weekly third-party risk management updates, news, resources, and upcoming webinars.