Results for "trust but verify"

“Trust, but Verify” Model of Third-Party Risk Management


The “Trust, but Verify” model has become the gold standard process in third party assessments. The “Trust” component of the model is typically facilitated through a query instrument (e.g., a questionnaire), a means by which the outsourcer can obtain the third party’s statement about its…

4 Best Practices For Zero Trust in TPRM


by Kristen Hicks | March 3, 2022 | Data & Cybersecurity, Third Party Risk Management

Most humans want to go into interactions assuming the other party is trustworthy. For many of us, our impulse is to believe the best in people. But in the world we live in today, trust can’t be assumed. The risks are too high.  That’s true…

What are ‘Misinformation, Disinformation, and Malinformation’ (MDM) Incidents?


by Eric Krell, What are ‘Misinformation, Disinformation, and Malinformation’ (MDM) Incidents? | March 4, 2022 | Best Practices

What are 'Misinformation, Disinformation, and Malinformation' (MDM) incidents? Days before Russia invaded Ukraine, the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) warned organizations about foreign influence operations that leverage misinformation, disinformation, and malinformation (MDM). The guidance encouraged risk professionals to use…

2022 Third-Party Risk Management TPRM Toolkit FAQs


February 16, 2022 |

Standardized Information Gathering (SIG) (more…)

Risk Management and SOC Reports: Hung By The Chimney With Care


by Christopher Campbell, Colleen Milazzo | December 15, 2021 | Standardized Control Assessment (SCA), Tools & Templates

December seems to be a month fixated on fancy footwear. On Christmas Eve, some of us will “hang stockings by the chimney with care.” On December 4, a few of us celebrated the fringe awareness event “National Sock Day” commemorating “those rarest of socks that…