Third Party Risk Management Archives

Vendor Risk Assessment Best Practice #3 – Maintain a Comprehensive List

May 23, 2022Curtis Jones3rd Party Management, Healthcare third party risk management, Healthcare vendor risk management, Third Party Risk, Third Party Risk Management, Vendor Management, Vendor Risk

The first and most fundamental mistake most organizations make in managing vendor risk is not maintaining a comprehensive list of active vendors. This may strike you as so obvious that it seems silly to note at all, much less cite as mistake number one. However, you will be surprised to learn that “nearly two-thirds of IT security professionals surveyed stated that their organizations do not maintain a comprehensive list of third-party vendors and dependencies.”

Vendor Risk Assessment Best Practice #2 – Assess Early

Apr 12, 2022Jonathan Russell3rd Party Management, Healthcare third party risk management, Healthcare vendor risk management, Third Party Risk, Third Party Risk Management, Vendor Management, Vendor Risk

Vendor risk evaluation is an expensive afterthought. 73% of organizations have no direct communication channel between the security program and management responsible for contracts and procurement. Security, whether intentional or not, is effectively an afterthought. This results in a huge business process gap — and a fundamental mistake — that is very common.

Vendor Risk Assessment Best Practice #1 – Periodically Reassess

Apr 5, 2022Curtis JonesThird Party Risk, Third Party Risk Management, Vendor evaluation tool, Vendor Risk

Evaluating vendor products and services on a schedule is a difficult yet imperative practice to implement. You need the right vendor evaluation tool.

DoorDash Breach – Surprises and Mistakes in Managing Vendor Risk

Dec 5, 2019Curtis Jones3rd Party Management, Breach, Confidentiality, Third Party Risk, Third Party Risk Management, Vendor Management, Vendor Risk

Dependence on vendors in your delivery of services or products is a common and necessary part of doing business effectively and efficiently in the 21st century. DoorDash is not alone in relying heavily on third party vendors to deliver their service. Some details about this breach incident recently in the news may surprise you. Other details illuminate how to avoid six common mistakes made by organizations who handle sensitive data.