This message was posted by a user wishing to remain anonymous Hi Everyone, at my company (large global insurance company) we are looking in to broadening processes and controls around data sent to third parties. I'm wondering if anyone as ...
This message was posted by a user wishing to remain anonymous This is a fairly dated response but I thought of one thing to add. I agree with the approach Debbie stated, first of all. In a prior shop where I worked, we established criticality ...
Hannah, Thank you for the thoughtful response. Vendor attestations are not something I had considered before, so I really appreciate the recommendation. We can absolutely incorporate language into our onboarding platform, Zip, through the ...
Tiffany, What you're describing is one of the more challenging issues in TPRM right now, and I don't think training or annual check-ins will fix it on their own. Not because they aren't valuable, but because the bigger gap is timing. ...
Hi, we do assessments based on the inherent risk rating of High every year, medium every 2 years and low every 3 years. The category managers are responsible for going in an initiating the assessment. I like to provide my category managers a ...
This Week's Power Users
Join a community dedicated to an area of third-party risk including contracts, infosec, risk assessments, policies, and more.
Gain TPRM knowledge fast. Read through these latest blog articles.
Meet, connect, and network with other users using the same third-party risk tool as you - get support and share new ideas and best practices.
Download the latest guides, infographics, samples, whitepapers, checklists, and more that can help guide you through best practices on third party risk. Visit Resources
Register and join live webinars to learn current trends and best practices from knowledgeable experts.Register Now