Third-party/vendor risk management is essential to ensure that vendors do not become the weak link in your security chain. However, gaining visibility into supply chain risks is very difficult, and organizations often rely on control self-assessment questionnaires in the belief that compliance with a standard or policy minimizes risk.
Furthermore, the threat of exposure from vendors/third parties has continued to grow, especially during the pandemic. It has been on the upswing for several years, and 27 percent of respondents to an early 2021 Deloitte survey said they had a “high-impact third-party risk incident”.
Organizations should take a more objective, holistic and dynamic approach to third-party/vendor risk management. By monitoring what happens in practice, organizations can gain greater insights into vendor risk and in turn manage business exposure down to acceptable levels.
Watch this webinar from Acuity and the Institute of Risk Management to learn how, by maintaining a well-architected risk model, you can easily create an always-on, holistic and accurate view of your supply chain and the vendors that represent the highest risk to your business.