LA skyline

Going Back 2 Cali: The Golden State Passes Two New Data Privacy/Security Laws

by Sabine Zimmer | October 26, 2018 | California Consumer Privacy Act (CCPA), Cybersecurity, Data & Cybersecurity, Internet of Things (IoT), Privacy, Public Policy, Regulations, Regulatory Requirements

The California State Legislature recently completed a data privacy/data security two-step by passing two new laws with significant third party risk management implications for a broad collection of companies. In late September, California enacted what some are referring to as the country’s firs ....

clock

The Clock is Ticking …It’s Time to Focus on Maturing Vendor Risk Management Programs

by Sabine Zimmer | September 19, 2018 | Data & Cybersecurity, Data Breach, Public Policy, Regulations, Third Party Risk Management, Tools & Templates, Vendor Risk Management Maturity Model (VRMMM)

Tick Tock. It’s that time of year again. Summer’s heat waves are retreating, school is in session, and budget planning is well underway for 2019 and beyond. Each year organizations typically take focused time during Q3/Q4 to evaluate their strategic plans; monitor the evolving risk environment; ....

The World is Looking to the US for Third Party Risk Guidance

August 30, 2016 | Regulations, Third Party Risk, Third Party Risk Management, Vendor Risk Management Benchmark Study

As more organizations here in North America and overseas increasingly utilize third party vendors with a global presence to perform critical functions, process key transactions and provide exposure to sensitive proprietary information, those organizations with mature third party risk (TPR) programs ....

Untitled 1

Shared Assessments in 2014: A Good Year with So Much Ahead

December 18, 2014 | Certified Third Party Risk Professional (CTPRP), Collaborative Onsite Assessment, Program Tools, Regulations, Standards

It has been an exciting time to participate in the Shared Assessments Program. Looking back at 2014, it has been a good, active year, with the rollout of our Certified Third Party Risk Professional (CTPRP) certification, our kick-off of the annual Vendor Risk Management Benchmark Study, the successf ....

Whither Bank Regulation: Are We There Yet?

October 14, 2014 | Regulations, Security

I began my banking career in 1978 at an eight-branch affiliate of a $3 billion bank holding company. One of my roles was security officer. The prevailing law addressing bank security is the Bank Protection Act of 1968. In 1978 the operative regulation implementing the Act was Regulation P (for Prote ....

How to Respond to the Regulation Avalanche

September 8, 2014 | Compliance, Regulations, Regulatory Compliance, Risk

As follow up to my previous blog on how the avalanche of regulation can stifle innovation in banks and credit unions, I wanted to share some ideas to start the discussion on organizational steps that you can take to enhance the risk and compliance culture. Maturing the processes internally, requires ....

Next Page »