Reputation is the currency by which organizations work and survive. Organizations that build and maintain positive reputations gain competitive advantage and credibility. Our newest briefing paper offers practical guidance for managing reputation risk by providing a TRPM Reputation Risk Framework wh ....
This series affirms the value of having Third-Party Risk Management (TPRM) and Procurement/Sourcing actively engaged as partners in vendor management. Part 2: Supplier/Vendor Contracts describes contracts as being fundamental in identifying, selecting, mitigating, and minimizing exposures and risks ....
This series affirms the value of having Third-Party Risk Management (TPRM) and Procurement/Sourcing actively engaged as partners in vendor management. Part 1: Supplier/Vendor Lifecycle explores the benefits of business units sharing responsibility for vetting, onboarding, monitoring, renewing, and t ....
Iron Mountain is a recognized leader for storage and information management services around the world. This paper describes Iron Mountain's journey to achieving peak Standardized Information Gathering (SIG) Questionnaire adoption. While utilizing the SIG, Iron Mountain experienced significant reduct ....
This paper provides process and program guidance on meaningful, incremental improvements for organizations of all sizes, whether operating locally or globally. The content is designed for both beginning and seasoned security and TPRM practitioners, with an introduction to help inform C-Suite and Boa ....
When scoping your Vendor Risk Questionnaires, which SIG should you use? The SIG offers three tiering structures - the SIG LITE, the SIG CORE, and the SIG Detail Questionnaire. This paper defines each of the tiers and their use cases. ....
In our 2023 Third-Party Risk management Product Suite, we have 131 questions that cover Environmental, Social, Governance (ESG) within the Standardized Information Gathering (SIG) Questionnaire. ESG is now its own risk domain which allows users to scope an ESG-specific SIG. You will be able to co ....
In and outside of work, the Covid-19 pandemic was a mandatory exercise in flexibility. What are the workplace shifts we see impacting third-party risk management as we emerge from the pandemic? This guide emphasizes how the pandemic has affected profile and management of third parties by: ....
This guide introduces and defines 21 of the most critical and current risk domains within four key areas. The guide describes why organizations need to acknowledge each risk domain and offers concrete suggestions of how organizations can account for risks presented by each domain. ....
Impact of Covid-19 On Profile and Management of Third Parties In and outside of work, the Covid-19 pandemic was a mandatory exercise in flexibility. What are the workplace shifts we see impacting third-party risk management as we emerge from the pandemic? This FREE guide emphasizes how the pandem ....
