by Kevin Hermosura | Sep 24, 2019 | Third Party Risk Management
You’re a salesperson. You’ve spent untold hours cultivating an awesome prospect: wining and dining, arranging presentations, making site visits, and so on and on. The contract is all but signed. Then the prospect hands you a security questionnaire. For them, it’s just... by Kevin Hermosura | Aug 15, 2019 | Third Party Risk Management
With the average cost of a vendor data breach reaching $3.92 million, organizations are looking for stronger vendor risk management (VRM). If your organization is looking to address VRM but you’re new to the process, a vendor security questionnaire (also referred to... by Kevin Hermosura | Jun 28, 2019 | Third Party Risk Management
Recently I earned a Certified Third Party Risk Assessor (CTPRA) designation from the Shared Assessments Program. This certification intends to validate my knowledge “…within specific IT risk control domains that an individual will need in order to perform a thorough... by Kevin Hermosura | Apr 11, 2019 | Third Party Risk Management
Recently I came across this blog post, which raises concerns that Amazon Web Services (AWS), a major player in many government cloud contracts worldwide—including the US Department of Defense—may be outsourcing security services to a company run by Russian mobsters.... by Kevin Hermosura | Apr 5, 2019 | Third Party Risk Management
When it comes to vendor risk management questionnaires, less can definitely be more. In this post, I’ll share three value-add tips on why and how to streamline your vendor review process and reduce the length of your questionnaires while maintaining a high level of...
