What no one tells you about third-party risk: How to embrace the unknowns
Third-party risk management (TPRM) is a hefty responsibility, with threats and challenges coming from all directions. According to a 2018 study, 59% of companies surveyed experienced a data breach caused by a third-party. And 22% of respondents admitted they were unsure if they’d even had one in the past 12 months. Does your organization fall into either of these groups?
Join us tomorrow to learn why so many third-party risks remain hidden. You’ll also get a practical framework to uncover, document, and manage the unknown unknowns—the vendor risks you’re not even aware of.
You'll learn:
How get buy-in from stakeholders to push through your TPRM improvement efforts.
Which untapped data sources can reveal unknown third-party risks.
A step-by-step approach to uncover, document, and manage unknown risks.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Webinar: How to adopt a disciplined approach to identify and manage IT risk
Managing IT risk fundamental to business objectives. But organizations often struggle with how to do it effectively with constantly evolving IT assets, regulations, and data. The result? IT security and risk teams that are confused about their roles, and how to best manage IT risk.
In this CPE webinar, Matt Kelly from Radical Compliance will explore how to understand the sources of IT risk in your organization—and how to assign responsibility over risk assessment, mitigation, and monitoring among the business functions involved.
You'll learn:
The key forces that are driving an increase IT risk today,
How to assign ownership of IT risk,
How InfoSec and Audit teams can work together to build a strong IT risk management approach,
What to look for in IT risk assessment technology.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
How to build credibility with the right approach to IT risk, vendor, and controls
Even in our technology-driven world, some still see information security as a rival to business objectives. So how can resource-strapped risk teams perform their duties while earning buy-in?
Join us tomorrow (September 23), to hear how cyber risk practitioners at an international law firm implemented IT risk management technology to increase the efficiency and impact of their small department. Learn how to:
Build a centralized risk registry with dashboard reporting.
Automate risk assessment processes for better visibility into vulnerabilities and vendor risk.
Facilitate smoother audits with continuous controls testing
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
How to maximize GRC technology, methodology, and use cases
To optimize business performance, organizations need GRC technologies that provide visibility into internal and external risks. But technology on its own isn’t enough! Organizations need to strategically marry their methodology, content framework, and use cases, with the technology in order to build a truly impactful GRC program.
Download this white paper to discover the most critical factors of a successful roll-out based on analysis of hundreds of GRC implementations. You'll also learn:
What factors to consider when choosing the right methodology and risk-rating system for your organization.
How to choose your IT risk management use cases based on the appropriate frameworks.
What to look for in a tool that supports your methodology, content, and use cases.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
The Forrester Wave™: Third-Party Risk Management Platforms, Q4 2020 report
To manage today’s heightened third-party risk, proactive GRC teams are embracing artificial intelligence, machine learning, and robotic process automation carry out due diligence. This ensures their third-party network remains a competitive advantage.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
The economic fallout from COVID-19 has led to global supply chain uncertainty. Partnered with a largely remote workforce, having robust and resilient third-party risk management processes is more important than ever before. Automating and centralizing vendor risk management (VRM) activities can assist in keeping up with increased scope and scrutiny.But what features should you prioritize to make a significant impact quickly?
This checklist outlines 15 key features to look for in a VRM solution that will help mitigate the cost of managing third-party risk and improve due diligence, including:
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
New 2020 Gartner Report Evaluates IT Vendor Risk Management Solutions
The 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools is now available. This report evaluates 23 solutions within the IT Vendor Risk Management (VRM) landscape, based on each vendor’s completeness of vision and ability to execute. This report can be utilized as a resource in the IT VRM software solution decision-making process to better understand the Vendor Risk Management landscape.
See which vendors were evaluated and understand how they are placed in terms of ability to execute and completeness of vision. Download your complimentary copy of the 2020 Gartner Magic Quadrant for IT Vendor Risk Management Tools now.
Gartner, Magic Quadrant for IT Vendor Risk Management Tools, August 24, 2020, Joanne Spencer and Edward Weinstein
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from ProcessUnity. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
White paper: Audit oversight for onboarding vendors
Current supply chain uncertainty and a largely remote workforce can lead to vendor onboarding processes being circumvented or overlooked. This is especially true if your organization’s partners have changed due to COVID-19. Your internal audit colleagues can provide critical oversight to maintain due diligence over third-party risk—so you can focus on other areas.
Download this white paper to understand why audit and risk teams should collaborate to keep up with due diligence. You’ll also learn how to:
Review program resources and ensure the right ones are involved.
Use automation to perform more assessments and manage remediations.
Communicate effectively about SLAs to minimize service disruptions.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Having the right set of key risk indicators (KRIs) is critical to aligning your IT risk posture to organizational performance. KRIs allow you to anticipate and quickly respond to issues before they disrupt operations, breach sensitive data, or cause financial damage. But many IT teams aren’t sure of where to start when building out KRIs.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Galvanize named a leader in the 2020 Gartner Magic Quadrant for IT risk management
Digital regulations are evolving, cybersecurity issues are on the rise, and IT risk management has become a board-level discussion. As an IT GRC professional—with competing priorities on your plate—you understand the need for an IT risk management (ITRM) solution that provides you with an aggregate view of risk to inform better decision-making. But with so many solutions available in the market, how do you decide which ones to consider?
The Gartner Magic Quadrant for IT Risk Management, is an annual evaluation of the competitive landscape for the IT risk management technology market. Gartner recommends using this report to “evaluate the opportunities and challenges in automating IT risk decision making.” Discover what to look for when selecting an ITRM solution.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
Cybersecurity is a top concern for boards—meaning CISOs finally have a seat at the table. But, information security and risk management leaders are expected to flawlessly managing hundreds of tools while foreseeing risk and compliance issues, and have the ability to explain complex issues to non-technical board members.
Download this eBook for practical tips on how to communicate with the C-suite and board to provide them with visibility into your IT risk and compliance posture. You’ll also discover strategies to win more budget and capacity for your cybersecurity function. In this eBook, you’ll discover:
The top six challenges facing CISOs today.
What’s defining our current cyber-risk landscape.
Strategies to win more budget and capacity for your cybersecurity function.
Common questions to anticipate from the board (and how to respond to them).
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119
The global pandemic has left many compliance leaders concerned about increased third-party risk. 52% of legal and compliance leaders are most worried about cybersecurity risks, followed by privacy, fraud, and ethical conduct.*
This eBook looks at how organizations can continue to pivot and build the right processes to maintain a secure third-party risk-management profile when the unexpected occurs. You’ll learn:
Why the focus on third-party risk has increased.
How the shift to remote work has impacted third-party risk.
A step-by-step approach to improve your third-party risk management program.
About the IT GRC Forum The IT GRC Forum is the premier online resource for Governance, Risk Management, and Compliance (GRC) Executives. We produce educational events and provide market intelligence for our members.
Address: 1 Penn Plaza, Suite 6272, West 34th Street New York, NY 10119