All Third-Party Risk articles

  • Article

    Best practices in third-party risk management


    NAVEX Global’s fourth annual third-party risk management benchmark report offers risk and compliance officers a glimpse at how their third-party risk management programs stack up against their peers.

  • Blog

    What is a business relationship?


    The Man From FCPA ponders the FCPA considerations of electric-car company Tesla putting the squeeze on its suppliers by asking them to refund monies Tesla had paid to them, as far back as 2016.

  • Blog

    GE, third-party risk, and Spotify’s IPO


    General Electric is under investigation by the SEC, Spotify is raising eyebrows over IPO tactics, and Thailand’s fishing industry could spell out big third-party risk complications.

  • Blog

    LockPath, SecurityScorecard partnership streamlines vendor risk management


    LockPath, a provider of governance, risk management and compliance solutions, and SecurityScorecard, a security-rating platform, announced a new partnership to streamline and strengthen how organizations manage vendor and third-party risk.

  • Article

    Addressing third-party information security risks in 2017


    The latest installment of the GRC Illustrated Series from Compliance Week and OCEG discusses ways to circumvent a cyber-breach via third-party risk management.

  • Blog

    PwC proposes SOC 2+ to dig into third-party risk


    PwC has developed a framework to add to the assurance provided by an SOC 2 report (an AICPA report focused on controls around security, processing integrity, and privacy). PwC calls it an “SOC 2+” approach, building on the SOC 2 reporting principles by allowing a more independent, standardized assessment. Tammy ...

  • Blog

    The Macro-Economic Trends Tearing Through Third-Party Risk


    Image: Monday’s news of the merger between Pfizer and Allergan, one of the largest corporate deals ever, is the high-water market for a huge year of M&A activity. That M&A craze poses huge challenges to compliance officers for third-party risk, from IT systems to count third parties (harder than you ...

  • PartnerBreach

    Are Your Business Partners Letting the Hackers In?


    For Target, it was a heating and air conditioning company. At a large oil company it was a nearby Chinese restaurant. Hackers increasingly use third-party relationships to gain access to computer networks and steal data. The trend means that companies need to conduct even better due diligence on third-party relationships ...