Shared Assessments’ Vertical Strategy Groups (VSGs) from the Asset Management, Financial Institution and Insurance sectors have been exchanging views on Vendor Performance in the post COVID-19 landscape. The VSG groups have approached Vendor Performance from a radar...
Third-Party Risk Management programs need to support the requirements from both the Procurement and CISO (Chief Procurement Officer and the Chief Information Security Officer). It is essential that these individuals along with their teams understand the risk that...
The death of George Floyd is a tipping point that all the world witnessed and they are moving to act. Words are not enough. We all need to take action in whatever ways we can – from speaking out when we see some injustice, to donating to social justice groups, to...
Third Party Environmental Risks are here to stay. With a busy hurricane season threatening to compound pandemic-related business challenges, environmental risk management is all the more important. This blogpost is about what Shared Assessments is...
In 1964, the average tenure of companies on the S&P 500 was 33 years. In 2016, that average tenure decreased to 24 years. By 2027, according to the consulting firm Innosight, companies will remain on the S&P 500 for an average of only 12 years. This “corporate...
The recent surge in ransomware attacks on U.S. cities and companies has data security and privacy professionals as well as third party information security leaders scrambling for better defenses and responses. This need is focusing more attention on cybersecurity...
When someone who has operated across multiple risk and regulatory realms for three decades notes that companies and their vendors have been thrust into a new era of data privacy, it’s worth bearing in mind. The Santa Fe Group Senior Vice President and CSO Brad...
The world of third party risk (TPR) is a big place. It encompasses numerous industries, is governed by a variety of laws and regulations, and reaches around the globe. Given this substantial diversity in the TPR ecosystem, establishing standards that appeal to the...
Organizations Don't Know What They Don't Know About Internet of Things Risk In a chilling interrogation video, a suspect describes hacking into Silicon Valley startup Aupticon via a third party weak point and an inviting Internet of Things (IoT) security hole. “They...
“My dear, here we must run as fast as we can, just to stay in place. And if you wish to go anywhere you must run twice as fast as that.” -Lewis Carol, Alice in Wonderland As they assess today’s complex risk and regulatory environments, third party risk...