As companies continue to outsource more aspects of their operations to third parties, they expose themselves to more shared risk. Most organizations understand the need to automate vendor risk management (VRM) activities to keep up with increasing scope and scrutiny. Yet they struggle to identify and prioritize the key features their VRM solution must provide so they can make a significant impact quickly.

To help with this challenge, this checklist outlines features to look for in a VRM solution and explains key areas where you can start mitigating vendor risk today, including:

• vendor risk assessment workflows
• vendor engagement
• architecture & infrastructure
• risk reporting requirements

Third-party risk management (TPRM) is a hefty responsibility, with threats and challenges coming from all directions. According to a 2018 study, 59% of companies surveyed experienced a data breach caused by a third-party. And 22% of respondents admitted they were unsure if they’d even had one in the past 12 months. Does your organization fall into either of these groups?

Join us tomorrow to learn why so many third-party risks remain hidden. You’ll also get a practical framework to uncover, document, and manage the unknown unknowns—the vendor risks you’re not even aware of.

You'll learn:

In today's unpredictable landscape, risk management is top of mind for every organization. It should also be the north star of today’s information security teams as the days of simply being compliance-focused are behind us. But, how can cybersecurity functions shift their efforts amidst today’s new challenges and the persistent pain of resource-strapped teams?

Join this 60-minute, CPE-approved webinar to discover how risk fits into the context of cybersecurity and how automation can help drive your team's value to the business, especially during this unprecedented time.

The reality of modern organizations is that certain business activities need to be outsourced to vendors—each with their own risks. These risks can be reduced with a solid onboarding process, but having the process alone isn’t enough. Organizations must rely on their internal audit team to confirm they’re engaging with the right vendors, in the right ways.

Get this white paper for tips on how audit can provide oversight to strengthen your VRM program in these five areas:

Managing IT risk fundamental to business objectives. But organizations often struggle with how to do it effectively with constantly evolving IT assets, regulations, and data. The result? IT security and risk teams that are confused about their roles, and how to best manage IT risk.

In this CPE webinar, Matt Kelly from Radical Compliance will explore how to understand the sources of IT risk in your organization—and how to assign responsibility over risk assessment, mitigation, and monitoring among the business functions involved.

You'll learn:

Operational resilience is an organization’s ability to keep providing services to customers, despite a sudden disruption. Previously, that idea was synonymous with business continuity or disaster recovery. But thanks to advances in technology and the digital transformation of business processes, operational resilience has now evolved into a blend of business continuity, vendor risk management, cybersecurity, and more.

In this eBook we explore how risk assurance professionals can approach operational resilience. You’ll also discover what regulators want to know about it, who should own the program, and how to assess and test for operational resiliency in your organization.

You’ll also discover:

• What boards and regulators want to know about operational resilience.
• Who should own operational resilience—and the roles risk assurance and management functions play.
• How to assess and test for operational resilience.

Data is at the core of all organizations. But acquiring and managing an ever-increasing amount of data can be challenging for many resource-strapped IT teams. Adding to the pressure are increasingly complex data compliance regulations and the looming risk of financial and reputation damage if sensitive data is misused.

Automated governance technology solutions that combine data analytics to detect digital risk with workflows to map, assign, assess, and remediate actions are the key to easing data compliance challenges.

Download this white paper to see how technology can help IT risk and data managers work to overcome the top five data compliance challenges including:

Prevent risk in your company’s supply chain

Company supply chains have become more global and digital, adding complexity and increasing risks. In today’s uncertain market, just a single weak link in the chain can expose your organization to major financial, regulatory, operational, and reputational risks.

Download this eBook to see how companies are using technology to gain visibility into vendors and automate the risk management processes.

This eBook includes:

• A 7-step guide to improving supply chain visibility
• The top 10 non-pandemic supply chain risks of 2020
• A look at NIST's new Risk Management Framework

Organizations around the world are struggling to recover from COVID-19 business disruptions. Information security and risk teams are rethinking how the business will operate, how to address new risks, and how to efficiently execute IT risk plans with limited resources. But, how do you get buy-in from stakeholders with other priorities?

Watch this on-demand webinar to hear how your peers are addressing new and emerging IT risk⁠—and apply their learnings to your organization. You'll discover how a large healthcare insurance company has automated routine tasks to free up resources and how they’ve reported IT risk data to drive better decision-making.

Takeaways: