Featured

Common Third-Party Risk Management Challenges for Organizations



Published
Join Nick Rafferty, Matt Davies and Yang Zheng of SureCloud, for a discussion of the most common third-party risk management challenges that they see on consulting engagements.

To learn more visit https://www.surecloud.com/grc-products/third-party-risk-management

Timestamps:

0:00 Introductions
0:13 Why do organizations undertake a third-party risk management program?
0:52 Are organizations focused on risk reduction or simply satisfying compliance requirements?
2:54 Do organizations have a joined-up approach to TPRM?
4:36 Are TPRM programs stand-alone or integrated?
6:16 How should organizations decide what to include when assessing vendors?
7:41 How should organizations decide which vendors to assess?
9:42 Should organizations be assessing the vendors associated with specific projects?
12:14 Are there benefits in integrating TPRM with other GRC programs?
13:40 Is it possible to assess your vendors to the same security levels your organization adopts internally?
18:33 What is the best way to create a question set for TPRM?
21:50 How should organizations design a post-assessment program?
27:54 What are the main areas of misunderstanding within TPRM programs?
31:51 Summary and close
Category
Management
Be the first to comment