Blog

Many moons ago when I was in internal audit a friend of mine who was an application manager within the same company brought me an interesting request; he wanted me to audit his application. I was a bit befuddled, and when I asked “why" he informed me that his application contained the formulations ....

Goodwill Industries recently fell on bad times when a vendor’s system was attacked by malware, giving criminals access to payment card information—names, payment cards, and expiration dates ((http://www.goodwill.org/press-releases/goodwill-provides-update-on-data-security-issue/)). This appears ....

PRESS RELEASE: Contact: Lisa MacKenzie, MacKenzie Marketing Group, 503-705-3508, lisam@mackenzie-marketing.com or Kelly Stremel, kellys@mackenzie-marketing.com Certification Program Developed Specifically for Risk Professionals The Certified Third Party Risk Professional (CTPRP) Designation Vali ....

Like everyone else glued to the media outlets this past week regarding the Home Depot breach I was softly sobbing to myself “here we go again” particularly after I just made a visit and a purchase with my credit card. However, this discussion isn’t about the Home Depot breach, but rather a les ....

Part I in a series In less than eighteen months, there has been more industry guidance and updated regulations regarding third party risk than at any other juncture in the evolution of governance within the financial services industry. Media attention from retailer breaches and enforcement actions ....

The need for community banks to be particularly attentive to third party risks was underscored yesterday in a speech by the Controller of the Currency’s Thomas Curry. Smaller institutions tend to be more dependent on third parties for IT services. Curry noted that reliance on third parties for IT ....