Audit, Outsourcing and Risk Management - Continuity Professionals Pulse

Cybersecurity Audit Checklist

Reciprocity

SEPTEMBER 11, 2024

To assure that all those parts are working as intended, you should perform a cybersecurity audit. Audits aren’t just good sense, either; many data privacy and security regulations require audits. That said, the steps for a cybersecurity audit can be long. Define the scope of your audit.

Audit

Audit Cybersecurity Vulnerability Outsourcing

Silicon Valley Bank (SVB) Failures in Risk Management: Why ERM vs GRC

LogisManager

MAY 9, 2023

Silicon Valley Bank (SVB) Failures in Risk Management: Why ERM vs GRC By Steven Minsky | May 5, 2023 Silicon Valley Bank (SVB) was closed by regulators and reminded us of the recession associated with Lehman Brothers and Washington Mutual Bank in 2008. However, the evidence was inconclusive so their strategy continued unchanged.

Banking

Banking Risk Management Management Corporate Governance

Third-Party Risk Management 101

Fusion Risk Management

SEPTEMBER 1, 2021

In today’s world, where we have seen massive supply chain disruptions, data breaches, enforcement actions, and a stunning series of customer failures, the world of third-party risk management (TPRM) has never been under more scrutiny. Let’s examine what third-party risk management means. Risk Assessment.

Risk Management

Risk Management Management Outsourcing Fashion

Webinars

Are Robots Replacing You? Keeping Humans in the Loop in Automated Environments

MORE WEBINARS

Policy Management 101

Fusion Risk Management

AUGUST 17, 2021

Ask yourself one question: when is the last time I updated my third-party risk management policy and presented it to the board for approval? However, for the 1/3 that don’t, here are some helpful tips and notes: Scrutiny of third-party risk practices has never been greater.

Management

Management Audit Outsourcing Risk Management

Preparation Continues for the Digital Operational Resilience Act

Fusion Risk Management

JANUARY 5, 2023

A key focus has been on technology and data service providers (TSPs) , as cyberattack incidents such as SolarWinds and Log4j have proven that third parties present risks that significantly impact important business services. One legislation addressing these risks is the landmark Digital Operational Resilience Act (DORA). Audit Access.

Resilience

Resilience Financial Services Outsourcing Audit

TSPs: Making the Case to Invest in Risk and Resiliency

Fusion Risk Management

SEPTEMBER 12, 2022

Even if it is difficult to use that regulatory hammer to secure funding for budget to purchase technology, this should not stop a progressive organization from using effective risk management disciplines to run their programs and serve their customers. Or, as so well articulated by the great British writer C. Contractual Obligations.

Resilience

Resilience Insurance Insurance Outsourcing

Third-Party Due Diligence Best Practices

Reciprocity

OCTOBER 7, 2024

Third-party due diligence is the process of vetting suppliers, distributors, and service providers using a risk-based approach to uncover any red flags that may indicate a danger to your business. Making a list of all prospective third parties and assessing their risk is the first step in the third-party due diligence procedure.

Cybersecurity

Cybersecurity Audit All-Hazards Risk Management

What Is GRC? Governance, Risk, and Compliance Explained

BMC

DECEMBER 23, 2024

Risk A possible event that could cause harm or loss or make it more difficult to achieve objectives. In GRC, risk management ensures that the organization identifies, analyses, and controls risk that can derail the achievement of strategic objectives. GRC provides support in case of future failures.

Government

Government Audit Technology Outsourcing

Managing ICT third-party risk under DORA regulation

Fusion Risk Management

JANUARY 31, 2024

As organizations begin to determine the impact that DORA has on their specific business, a common thread has emerged: while Information and Communication Technology (ICT) Third-Party Risk Management (TPRM) is its own pillar in the regulation, TPRM touches on all other pillars of the regulation.

Management

Management Risk Management Activation Outsourcing

Important KPIs for Successful Vendor Management

Reciprocity

AUGUST 24, 2022

Every risk management program should include risks posed by your vendors. Beware, however: vendor risk management is a complex process unto itself, requiring ongoing monitoring and measurement. What Are Vendor Risk Management Metrics? What Are the Most Common Vendor Risks? Staff training.

Management

Management Risk Management Cybersecurity Strategic

Tips for Managing Third-Party Risk in Health Care

Reciprocity

SEPTEMBER 30, 2022

Third parties generate, manage, or hold this data, resulting in even more severe threats to healthcare organizations and their information security. This is why third-party risk management and healthcare data security are critical. What is Healthcare Vendor Risk Management? Notes on Vendor Access et.

Healthcare

Healthcare Management Vulnerability Risk Management

33 Data Privacy Week Comments from Industry Experts in 2023

Solutions Review

JANUARY 25, 2023

On top of that, these suppliers themselves outsource their material to second-tier suppliers. New systems will be a collection of smaller applications working harmoniously for better risk management and future outlook. The journey has already started with self-service systems, and it will continue for the next few years.

Backup

Backup Government Application Security

What Is GRC? Governance, Risk, and Compliance Explained

BMC

DECEMBER 23, 2024

Risk A possible event that could cause harm or loss or make it more difficult to achieve objectives. In GRC, risk management ensures that the organization identifies, analyses, and controls risk that can derail the achievement of strategic objectives. GRC provides support in case of future failures.

Government

Government Audit Technology Outsourcing

Business Continuity Guide for Smaller Organizations

Stratogrid Advisory

JUNE 3, 2020

Additionally, the Business Impact Analysis (BIA) process outlined in Chapter 4 will leverage findings of the organizational Risk Assessment activity, which could be executed as a part of the BIA engagement. Vendor Risk Management When developing organizational continuity plans, third-party providers (e.g.

Business Continuity

Business Continuity BCM Impact Analysis BCP

Business Continuity Guide for Smaller Organizations

Stratogrid Advisory

JUNE 3, 2020

Additionally, the Business Impact Analysis (BIA) process outlined in Chapter 4 will leverage findings of the organizational Risk Assessment activity, which could be executed as a part of the BIA engagement. Risk Methodology. Vendor Risk Management. IT Organization (internal and external if outsourced).

Business Continuity

Business Continuity BCM Impact Analysis BCP

Continuity Professionals Pulse

Cybersecurity Audit Checklist

Silicon Valley Bank (SVB) Failures in Risk Management: Why ERM vs GRC

Webinars

Trending Sources

Third-Party Risk Management 101

Webinars

Policy Management 101

Preparation Continues for the Digital Operational Resilience Act

TSPs: Making the Case to Invest in Risk and Resiliency

Third-Party Due Diligence Best Practices

What Is GRC? Governance, Risk, and Compliance Explained

Managing ICT third-party risk under DORA regulation

Important KPIs for Successful Vendor Management

Tips for Managing Third-Party Risk in Health Care

33 Data Privacy Week Comments from Industry Experts in 2023

What Is GRC? Governance, Risk, and Compliance Explained

Business Continuity Guide for Smaller Organizations

Business Continuity Guide for Smaller Organizations

Stay Connected