The Risk Register

Latest release integrates outside-in monitoring with inside-out assessment; extends TPRM data to other solutions via new RESTful API

Organizations should take proactive measures and upgrade their third-party risk frameworks as per GDPR compliance to mitigate data privacy risk. 

The FCA defines guidance for selecting secure outsourced IT vendors. Discover the key criteria for compliance here. 

Office of the Comptroller of the Currency Bulletins provide guidance on assessing and managing third-party risk. Learn the key criteria for compliance here. 

The New York SHIELD Act will go into effect in March 2020 with several implications for third-party risk management.

It is difficult to predict when or where data breaches will occur, but by utilizing a continuous cyber and business risk monitoring platform, you can gain greater visibility into potential red flags that can indicate data security issues. 

New York State Department of Financial Services (DFS) 23 NY CRR 500 is designed to protect the confidentiality, integrity and availability of financial services customer information. Here's what you can do to comply.

Law firms have a responsibility to their clients to maintain the highest levels of security for the sensitive information in their care. This basic concept holds true whether you are an AM Law Top 50 firm or one with much smaller annual revenue targets. Private client data and …

With an average of 30,000 different parts required to build a single vehicle, you can imagine the complex processes and supply chain coordination necessary to manufacture automobiles on a global scale. These supply chains, with countless third-party manufacturers and service …

This is the first blog in a series entitled Third-Party Risk Management: How to Stay Off the Regulatory Radar. Each week, we will analyze a regulation, industry standard, or security framework that requires organizations to adopt a third-party risk management program to tighten …

On July 16, 2019, U.S. mobile network operator Sprint announced a serious security breach that exposed sensitive information of an unknown number of customers’ information. Hackers gained unauthorized access in late June through a third-party website —Samsung’s “add a line” …

It’s been just over a year since the EU General Data Protection Regulation (GDPR) went into effect. Since then, many organizations have sought out silver-bullet tools to determine if their third-party ecosystems are sufficiently protecting their data – and thereby their brand …