Get insights about the industry and gain knowledge from our experts
Prevalent’s Third-Party Risk Management platform offers a complete framework for implementing policy management, auditing and reporting related to the third-party risk requirements of ISO 27001, 27002 and 27018.
Agencies that make up the FFIEC prescribe best practices and a standardized approach for all field examiners conducting audits. Financial institutions should use these as a blueprint when preparing for an examination.
Complying with HIPAA legislation requires a complete, internal view of third-party security and privacy controls, something that simply can't be addressed with an external scan.
Organizations should take proactive measures and upgrade their third-party risk frameworks in line with GDPR compliance requirements to mitigate data privacy risk.
The FCA defines guidance for selecting secure outsourced IT vendors. Discover the key criteria for compliance here.
Office of the Comptroller of the Currency Bulletins provide guidance on assessing and managing third-party risk. Learn the key criteria for compliance here.
The New York SHIELD Act will go into effect in March 2020 with several implications for third-party risk management.
New York State Department of Financial Services (DFS) 23 NY CRR 500 is designed to protect the confidentiality, integrity and availability of financial services customer information. Here's what you can do to comply.
This is the first blog in a series entitled Third-Party Risk Management: How to Stay Off the Regulatory Radar. Each week, we will analyze a regulation, industry standard, or security framework that requires organizations to adopt a third-party risk management program to tighten …
It’s been just over a year since the EU General Data Protection Regulation (GDPR) went into effect. Since then, many organizations have sought out silver-bullet tools to determine if their third-party ecosystems are sufficiently protecting their data – and thereby their brand …