Building Third Party Best Practices: Continuous Monitoring
in a dynamic operational environment
A well-designed continuous monitoring program can provide a real-time or close to real-time picture of the state of security both internally and externally at the third party level. As the OCC has stated in guidance over more than a decade: “Without a repeatable, automated process in place that incorporates best practices, organizations cannot create sustainable vendor lifecycle management programs.” Recent surveys reveal that organizations anticipate major or moderate improvements from continuous monitoring of vendors, which include the ability to:
- Compare security postures.
- Screen vendors more effectively.
- Reduce time required for security event identification, remediation and response.
- Improve working relationships with all stakeholders.
- Improve the outsourcer’s risk posture.
Overall operational and security efficiency can be expected from programs that employ continuous monitoring due to refocused resource use that results in operational optimization, and provide continuous visibility of issues that drives improved risk prioritization and response to issues, as well as leveraging of common control providers. To obtain a copy of this paper, please complete the form below. A download link will be sent upon receipt of submission to the email address provided.