The reality of modern organizations is that certain business activities need to be outsourced to vendors—each with their own risks. These risks can be reduced with a solid onboarding process, but having the process alone isn’t enough. Organizations must rely on their internal audit team to confirm they’re engaging with the right vendors, in the right ways.
Get this white paper for tips on how audit can provide oversight to strengthen your VRM program in these five areas:
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Data is at the core of all organizations. But acquiring and managing an ever-increasing amount of data can be challenging for many resource-strapped IT teams. Adding to the pressure are increasingly complex data compliance regulations and the looming risk of financial and reputation damage if sensitive data is misused.
Automated governance technology solutions that combine data analytics to detect digital risk with workflows to map, assign, assess, and remediate actions are the key to easing data compliance challenges.
Download this white paper to see how technology can help IT risk and data managers work to overcome the top five data compliance challenges including:
How to navigate through numerous confusing compliance requirements
Ways to collaborate with siloed business units to reduce disparate data and inconsistent processes
How to demonstrate up-to-date compliance information to stakeholders
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
The Forrester Wave™: Third-Party Risk Management Platforms, Q4 2020 report
To manage today’s heightened third-party risk, proactive GRC teams are embracing artificial intelligence, machine learning, and robotic process automation carry out due diligence. This ensures their third-party network remains a competitive advantage.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Organizations around the world are struggling to recover from COVID-19 business disruptions. Information security and risk teams are rethinking how the business will operate, how to address new risks, and how to efficiently execute IT risk plans with limited resources. But, how do you get buy-in from stakeholders with other priorities?
Watch this on-demand webinar to hear how your peers are addressing new and emerging IT risk—and apply their learnings to your organization. You'll discover how a large healthcare insurance company has automated routine tasks to free up resources and how they’ve reported IT risk data to drive better decision-making.
Takeaways:
Key factors that enable teams to effectively execute IT risk plans during a crisis.
How to effectively communicate new IT threats, vulnerabilities, and mitigation plans to executives.
Considerations for automating routine tasks.
The role technology and data plays in communicating and executing sound IT risk management during a crisis.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
New 2020 Gartner Report Evaluates IT Vendor Risk Management Solutions
The 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools is now available. This report evaluates 23 solutions within the IT Vendor Risk Management (VRM) landscape, based on each vendor’s completeness of vision and ability to execute. This report can be utilized as a resource in the IT VRM software solution decision-making process to better understand the Vendor Risk Management landscape.
See which vendors were evaluated and understand how they are placed in terms of ability to execute and completeness of vision. Download your complimentary copy of the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools now.
Gartner, Magic Quadrant for IT Vendor Risk Management Tools, August 24, 2020, Joanne Spencer and Edward Weinstein
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from ProcessUnity. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
White paper: Audit oversight for onboarding vendors
Current supply chain uncertainty and a largely remote workforce can lead to vendor onboarding processes being circumvented or overlooked. This is especially true if your organization’s partners have changed due to COVID-19. Your internal audit colleagues can provide critical oversight to maintain due diligence over third-party risk—so you can focus on other areas.
Download this white paper to understand why audit and risk teams should collaborate to keep up with due diligence. You’ll also learn how to:
Review program resources and ensure the right ones are involved.
Use automation to perform more assessments and manage remediations.
Communicate effectively about SLAs to minimize service disruptions.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
What no one tells you about third-party risk: How to embrace the unknowns
Third-party risk management (TPRM) is a hefty responsibility, with threats and challenges coming from all directions. According to a 2018 study, 59% of companies surveyed experienced a data breach caused by a third-party. And 22% of respondents admitted they were unsure if they’d even had one in the past 12 months. Does your organization fall into either of these groups?
Join us tomorrow to learn why so many third-party risks remain hidden. You’ll also get a practical framework to uncover, document, and manage the unknown unknowns—the vendor risks you’re not even aware of.
You'll learn:
How get buy-in from stakeholders to push through your TPRM improvement efforts.
Which untapped data sources can reveal unknown third-party risks.
A step-by-step approach to uncover, document, and manage unknown risks.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Galvanize named a leader in the 2020 Gartner Magic Quadrant for IT risk management
Digital regulations are evolving, cybersecurity issues are on the rise, and IT risk management has become a board-level discussion. As an IT GRC professional—with competing priorities on your plate—you understand the need for an IT risk management (ITRM) solution that provides you with an aggregate view of risk to inform better decision-making. But with so many solutions available in the market, how do you decide which ones to consider?
The Gartner Magic Quadrant for IT Risk Management, is an annual evaluation of the competitive landscape for the IT risk management technology market. Gartner recommends using this report to “evaluate the opportunities and challenges in automating IT risk decision making.” Discover what to look for when selecting an ITRM solution.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Cybersecurity is a top concern for boards—meaning CISOs finally have a seat at the table. But, information security and risk management leaders are expected to flawlessly managing hundreds of tools while foreseeing risk and compliance issues, and have the ability to explain complex issues to non-technical board members.
Download this eBook for practical tips on how to communicate with the C-suite and board to provide them with visibility into your IT risk and compliance posture. You’ll also discover strategies to win more budget and capacity for your cybersecurity function. In this eBook, you’ll discover:
The top six challenges facing CISOs today.
What’s defining our current cyber-risk landscape.
Strategies to win more budget and capacity for your cybersecurity function.
Common questions to anticipate from the board (and how to respond to them).
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Webinar: How to adopt a disciplined approach to identify and manage IT risk
Managing IT risk fundamental to business objectives. But organizations often struggle with how to do it effectively with constantly evolving IT assets, regulations, and data. The result? IT security and risk teams that are confused about their roles, and how to best manage IT risk.
In this CPE webinar, Matt Kelly from Radical Compliance will explore how to understand the sources of IT risk in your organization—and how to assign responsibility over risk assessment, mitigation, and monitoring among the business functions involved.
You'll learn:
The key forces that are driving an increase IT risk today,
How to assign ownership of IT risk,
How InfoSec and Audit teams can work together to build a strong IT risk management approach,
What to look for in IT risk assessment technology.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
How to build credibility with the right approach to IT risk, vendor, and controls
Even in our technology-driven world, some still see information security as a rival to business objectives. So how can resource-strapped risk teams perform their duties while earning buy-in?
Join us tomorrow (September 23), to hear how cyber risk practitioners at an international law firm implemented IT risk management technology to increase the efficiency and impact of their small department. Learn how to:
Build a centralized risk registry with dashboard reporting.
Automate risk assessment processes for better visibility into vulnerabilities and vendor risk.
Facilitate smoother audits with continuous controls testing
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
How to maximize GRC technology, methodology, and use cases
To optimize business performance, organizations need GRC technologies that provide visibility into internal and external risks. But technology on its own isn’t enough! Organizations need to strategically marry their methodology, content framework, and use cases, with the technology in order to build a truly impactful GRC program.
Download this white paper to discover the most critical factors of a successful roll-out based on analysis of hundreds of GRC implementations. You'll also learn:
What factors to consider when choosing the right methodology and risk-rating system for your organization.
How to choose your IT risk management use cases based on the appropriate frameworks.
What to look for in a tool that supports your methodology, content, and use cases.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
