by John Verry | May 10, 2019 | Third Party Risk Management
Managed service providers (MSPs) are popular with SMBs/SMEs for good reason. They can often maintain an organization’s network, applications and/or security posture better than many in-house IT departments can, and at a lower cost. They benefit from economies of... by John Verry | Apr 22, 2019 | Third Party Risk Management
The Wipro Data Breach There is an evolving story that Wipro has been breached, and the attackers have used their foothold in Wipro to launch attacks against at least twelve Wipro clients. As one of the largest IT outsourcing /services providers in the world, Wipro has... by Chris Dorr | Apr 16, 2019 | Third Party Risk Management
Editor’s Note: This post was originally published in April 2017. It has been updated to reflect the name change from AUP to SCA. A Standardized Control Assessment document (formerly known as an Agreed Upon Procedures document) is a great tool for third-party risk... by John Verry | Apr 15, 2019 | Third Party Risk Management
Editor’s Note: This post was originally published in June 2013. It has been updated to reflect the name change from AUP to SCA. It seems that when most people hear “Shared Assessments” they immediately think of Vendor Risk Management. While that thought process is... by Kevin Hermosura | Apr 11, 2019 | Third Party Risk Management
Recently I came across this blog post, which raises concerns that Amazon Web Services (AWS), a major player in many government cloud contracts worldwide—including the US Department of Defense—may be outsourcing security services to a company run by Russian mobsters.... by Kevin Hermosura | Apr 5, 2019 | Third Party Risk Management
When it comes to vendor risk management questionnaires, less can definitely be more. In this post, I’ll share three value-add tips on why and how to streamline your vendor review process and reduce the length of your questionnaires while maintaining a high level of...
