by Kevin Hermosura | Sep 24, 2019 | Third Party Risk Management
You’re a salesperson. You’ve spent untold hours cultivating an awesome prospect: wining and dining, arranging presentations, making site visits, and so on and on. The contract is all but signed. Then the prospect hands you a security questionnaire. For them, it’s just... by Kevin Hermosura | Aug 15, 2019 | Third Party Risk Management
With the average cost of a vendor data breach reaching $3.92 million, organizations are looking for stronger vendor risk management (VRM). If your organization is looking to address VRM but you’re new to the process, a vendor security questionnaire (also referred to... by Kevin Hermosura | Jun 28, 2019 | Third Party Risk Management
Recently I earned a Certified Third Party Risk Assessor (CTPRA) designation from the Shared Assessments Program. This certification intends to validate my knowledge “…within specific IT risk control domains that an individual will need in order to perform a thorough... by John Verry | May 10, 2019 | Third Party Risk Management
Managed service providers (MSPs) are popular with SMBs/SMEs for good reason. They can often maintain an organization’s network, applications and/or security posture better than many in-house IT departments can, and at a lower cost. They benefit from economies of... by John Verry | Apr 22, 2019 | Third Party Risk Management
The Wipro Data Breach There is an evolving story that Wipro has been breached, and the attackers have used their foothold in Wipro to launch attacks against at least twelve Wipro clients. As one of the largest IT outsourcing /services providers in the world, Wipro has... by Chris Dorr | Apr 16, 2019 | Third Party Risk Management
Editor’s Note: This post was originally published in April 2017. It has been updated to reflect the name change from AUP to SCA. A Standardized Control Assessment document (formerly known as an Agreed Upon Procedures document) is a great tool for third-party risk...
