by Kristen Hicks | March 16, 2022 | Business Resiliency, Data & Cybersecurity
The work of third-party risk management (TPRM) is ongoing. The moment a business ceases to actively work on protecting itself from risk, it falls behind. In part, that’s because world events and the tactics employed by cybercriminals are continually changing in ways that impact third-party risk. B ....
by Eric Krell | March 15, 2022 | Cybersecurity, Data & Cybersecurity
A mid-March search for Ukraine scams on the Better Business Bureau’s (BBB’s) scam-tracking site yielded more than 100 reports of bad actors attempting to exploit the crisis by running fake donation campaigns in the U.S. and Canada. “The current situation is near and dear to many hearts, par ....
by Katherine Teodosio | March 14, 2022 | Education and Training, Shared Assessments
What Is A Certified Third Party Risk Assessor? A Shared Assessments Certified Third Party Risk Assessor is a risk professional with demonstrated knowledge, expertise and proficiency within specific IT risk control domains. CTPRAs are able to effectively use their knowledge to perform a comprehensiv ....
by Mark Rudio | March 10, 2022 | Cyberattacks, Cyberwarfare, Data & Cybersecurity
On Wednesday morning, March 9, 2022, Shared Assessments presented Threat Briefing: Russia’s War on Ukraine, A National Security Perspective, an hour-long webinar featuring a conversation with renowned counter-terrorism expert Richard A. Clarke and Shared Assessments CEO Andrew Moyad. About Rich ....
by Mark Rudio | March 7, 2022 | Shared Assessments
Responding to the increasing relevance of Environmental, Social, and Governance (ESG) for TPRM practitioners around the globe, last month Shared Assessments launched a new ESG Team that will play an instrumental role in gathering, analyzing, and sharing information to help our members define metrics ....
by Eric Krell | March 4, 2022 | Best Practices
What are 'Misinformation, Disinformation, and Malinformation' (MDM) incidents? Days before Russia invaded Ukraine, the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) warned organizations about foreign influence operations that leverage misinformatio ....
by Kristen Hicks | March 3, 2022 | Data & Cybersecurity, Third Party Risk Management
Most humans want to go into interactions assuming the other party is trustworthy. For many of us, our impulse is to believe the best in people. But in the world we live in today, trust can’t be assumed. The risks are too high. That’s true for individuals, but it’s arguably even more impor ....
by Mark Rudio | February 24, 2022 | Data & Cybersecurity
What is 'IT Governance (ITG)'? The principles and best practices of IT Governance (ITG) have a single, straightforward goal: provide the enterprise with the means and support to achieve its goals for its customers and stakeholders. It is a purposeful practice in which investment should generate v ....
by Mark Rudio | February 23, 2022 | Data & Cybersecurity
On February 2, 2020, the U.K.’s Information Commissioner's Office (ICO) presented final versions of the following documents to Parliament: International Data Transfer Agreement (IDTA); an addendum (Addendum ) to the EU’s standard contractual clauses for international data transfers; and an addit ....
by Eric Krell | February 22, 2022 | Third Party Risk Management
Management guru Peter Drucker distilled the discipline of innovation into a set of enabling components, or “innovation opportunities.” These building blocks remain as relevant as ever, and they also apply to the field of third party risk management (TPRM). The first four enablers -- unexpecte ....