Third-Party Risk Management Best Practices

It’s a Wrap: Four Takeaways from...

The 2019 ProcessUnity Customer Summit is a wrap and what a week it was. We..

ProcessUnity Scores Highest in Gartner 2019...

Gartner recently published the 2019 Critical Capabilities for IT Vendor Risk Management Tools, and we..

How Third-Party Risk Management Can Help...

This post originally appeared on LinkedIn. To view the original article, click here. We understand the..

Change Your SOX: Next-Gen Sarbanes-Oxley Compliance

  It’s been more than a decade since Sarbanes-Oxley became the law of the land—and..

The Hidden Costs of Spreadsheets in...

While spreadsheets are a widely-accepted go-to for compliance and risk management activities, findings from Blue..

First GDPR, Now CCPA: Manage Your...

One year ago, organizations of all sizes were scrambling to comply with the pervasive General..

Sarbanes-Oxley Compliance: Five Steps to Cleaning...

While Sarbanes-Oxley (SOX) compliance management may be old hat for some, organizations today continue to..

The Top Policy and Procedure Management...

Corporate policies – from HR guidelines to pricing rules -- set the standards, outline the..

Plan Providers: Use Offer Management to...

In today’s intensely competitive benefit plan market, getting your teams aligned creates a dramatic competitive..

A Roadmap for Implementing Product and...

“Benefit plan providers are turning to Offer Management initiatives and systems to reduce risk, cost..

Case Study: Offer Management Revitalizes a...

A large Benefits Provider was facing major customer service and implementation challenges. The company provides..

45-Minute Executive Web Clinic: Offer Management...

You’ve probably heard: The sky is falling in the benefits industry. (Or should we say..

Channel Your Inner Regulator to Improve...

If you are like most banks and financial service companies, then chances are you outsource..

How to Stay Ahead of Risk...

Managing risk through pre-contract vendor due diligence in a digitally connected world Thanks to increasing..

Does Your Pre-Contract Due Diligence Leave...

Today’s global, digital economy opens up a world of opportunities—and a whole new world of..

Five Keys to Conducting Effective Vendor...

Risk exposure is indiscriminate. Whether you are a large multinational, a non-profit institution, an agency..

Welcome to the ProcessUnity Blog

On behalf of the ProcessUnity team, I am excited to welcome you to the new..

Introducing ProcessUnity’s Summer 2015 Release

Salesforce and Microsoft Office Integrations, plus a Whole New Look! The ProcessUnity Summer 2015 product..

FFIEC Cybersecurity Assessment Tool: What You...

Cybercrime is a hot topic among GRC practitioners these days. It should be. According to..

The State of Third-Party Risk Management

Today, organizations are bombarded by new regulatory guidance, daily occurrences of cybercrime and data breaches,..

Why Cloud Works for Third-Party Risk...

If you are running a Vendor Risk Management program, odds are that you either have:..

Mitigating the CFPB Audit Process

In the mortgage industry, the potential for an audit by the Consumer Financial Protection Bureau..

eBook: 8 Reports for Effective and...

The foundation for an effective and efficient Vendor Risk Management program is solid reporting. The..

The 2017 State of Third Party...

How does your program rate? Take the Third-Party Risk Management survey and find out! There..

Six Tips for Building Effective Vendor...

A well-designed vendor risk assessment questionnaire is vital for a successful Vendor Risk Management program...

Formalizing Vendor Risk Management - Keep...

When starting to build a formal Vendor Risk Management program, it’s important not to overcomplicate..

SLAs and Vendor Performance Management

Not all business relationships require a service-level agreement (SLA), but good vendor performance management is..

Regulatory and Management Reporting for Vendor...

In working with prospects and customers, one of the questions I get asked the most..

Incorporating Content Services into Your Vendor...

Companies are continually searching for ways to improve the quality of their third-party risk due..

Risk & Compliance – The Build...

We’re not seeing it as much as we used to, but some companies are still..

Think GDPR (General Data Protection Regulation)...

Do you collect, store or process EU citizen or resident data? Does anyone in your..

Vendor Onboarding Best Practices: ProcessUnity Webinar...

Vendor Onboarding Best Practices: To contract a vendor is to initiate a relationship: when you..

New Report Predicts Significant Market Growth

MarketsandMarkets has published a new report that states that the global Vendor Risk Management market..

Third-Party Risk: Reduce Vendor Fatigue &...

You’ve likely heard before that “one size does not fit all” when it comes to..

New Gartner Report: Evaluates Capabilities and...

Gartner Research recently published The 2018 Critical Capabilities for IT Vendor Risk Management, and we are extremely excited..

Third-Party Management Maturity Model White Paper:...

ProcessUnity’s recent white paper, the “Third-Party Risk Management Maturity Model,” helps you understand where your..

Evaluating Third-Party Risk Management Software? Speed...

Good vendor risk management practices are good for business. Unfortunately, most organizations today continue to..

Poll: Over Half of Risk Managers...

ProcessUnity recently participated in a live webinar with IT GRC and other leading Vendor Risk..

How Financial Ratings and Cybersecurity Scores...

RapidRatings, Security Scorecard and BitSight Enhance Vendor Risk Management Process As a standalone solution, ProcessUnity’s..

How To Improve Your Third-Party Inherent...

More than two-thirds of companies are cutting corners when it comes to third-party due diligence..

Why Your Third-Party Risk Management Program...

The vast majority of people get annual physical examinations and automotive tune-ups – why shouldn’t..

What the European Banking Authority Guidelines...

Using the European Banking Authority (EBA) guidelines to streamline your supplier risk management program Simply..

ProcessUnity Positioned as a Leader in...

We have great news. Today, Gartner published the 2019 Magic Quadrant for IT Vendor Risk..

2019 Was A Banner Year for...

ProcessUnity just finished up another banner year – it’s an exciting time to be in..

Metrics to Avoid When Discussing Cybersecurity...

Chief Information Security Officers (CISOs) have one of the toughest jobs in the C-Suite. They..

Third-Party Risk Management: From A to...

Just as the mind, body and spirit are intertwined, there are several interconnected pillars to..

How to Spot Your Riskiest Vendors:...

Maintaining strong relationships with third parties is critical to business success. Yet too often, does..

Pandemic Questionnaire Guidance & Vendor Assessment...

Before the emergence of COVID-19, third-party risk management programs were executing in a business-as-usual mode,..

Revolutionizing Third Party Risk: How to...

Despite their best efforts to administer an efficient and effective process, many organizations spend an..

Compliance Week Recognizes Abercrombie & Fitch’s...

Congratulations to Rob Seibel, Director of Legal Compliance at Abercrombie & Fitch Co., for receiving..

The Evolution of the Third-Party Due...

To compete in today’s marketplace, companies routinely engage third parties to provide all manner of..

Procurement or Information Security: Who Owns...

There is no right answer to which team should own Third-Party Risk Management, but effective..

Why Vendor Risk Management Should Be...

As the severity and cost of data breaches continues to increase, Vendor Risk Management has never been..

Gartner Names ProcessUnity a Leader in...

The title says it all – Gartner has again recognized ProcessUnity as a Leader in..

What is a Cybersecurity Framework?

A cybersecurity framework is the foundation on which your program is built. It documents the..

How to Address The Top Third-Party...

Third-party risk management, or TPRM, is a critical part of keeping your company’s and customers’..

Cybersecurity Risk has Changed the Chief...

In the past, the Chief Information Officer (CIO) was responsible for all things technology, but..

Reporting on the State of Your...

The CISO’s Role and Cybersecurity Program Evolution As the role of the CISO changes and..

EBA Guidelines and Supplier Risk Management

Today’s distributed, business environment is defined by third-party relationships. The boundaries of the organization have..

The Importance of a Flexible Cybersecurity...

It goes without saying: Your cybersecurity threat landscape is continually evolving, and new risks emerge each day. Trends..

Tips for Quantifying Inherent Risk for...

Quantifying inherent risk for third parties is one of the most important aspects of a..

Stop Wondering if You're Compliant: The...

Regulations and compliance requirements are constantly changing, and this can make it challenging to efficiently maintain compliance...

Stay Ahead of the Cybersecurity Threat...

Understanding today’s ever-evolving cybersecurity threat landscape is essential for developing strategies and taking action to..

8 Key Reports You Need for...

The foundation for an effective vendor risk program starts with solid reporting. As your vendor..

Cybersecurity Accountability Requires Enterprise-Wide Involvement

Cybersecurity is every employee’s responsibility. To ensure success, organizations today need to weave cybersecurity accountability into the..

Anti-Bribery & Corruption (ABAC) in Business...

The impacts of corruption can be very severe and have been historically well documented. On a political level, corruption – however and wherever..

Solarwinds Hack: The Intersection of Cybersecurity...

The continuing fallout from the SolarWinds hack is creating a mashup of Cybersecurity Program Management stuffed..

The Intersection of Third-Party Risk and...

According to a recent BlueVoyant, Opinion Matters global study of 1,500 CISOs, CIOs, and CPOs, 29 percent say they have..

What’s the Difference? Vendor Risk vs...

The words are frequently used interchangeably. Is there a difference between them?  The Basics of Third Party..

Vendor Risk Management & ESG Related...

The Emerging Importance of ESG-Related Risk Environmental, social, and governance (ESG) and its role in vendor..

Expert Tips for Setting up a...

Assessing Third Party Risk with a Vendor Questionnaire Vendors deliver reduced costs and increased productivity, making them very advantageous for business strategy...

Do You Really Know Who Your...

Money laundering; bribery and corruption; drug trafficking; and terrorism financing are issues that are rapidly infiltrating business operations. In recent years,..

The Benefits of a Centralized Cybersecurity...

Implementing a centralized Cybersecurity Program Management platform can pay dividends for your organization by protecting high-value..

Why Vendor Risk Management is Essential...

Third-Party Risk in Healthcare When it comes to vendor risk management in healthcare, regulators increasingly..

Your Cybersecurity Budget is a Top...

Cybersecurity is recognized as an increasingly important annual budget spend, with many organizations declaring their cybersecurity..

The Impact of NERC and FERC...

Cyber threats and their subsequent attacks are dominating news headlines globally. The recent SolarWinds attack..

Setting Up A Cybersecurity Assessment Schedule

Building an Informed Cybersecurity Assessment Schedule Managing a cybersecurity program demands regular reviews of key..

Supplier Risk Management Strategies for Healthcare...

The COVID-19 pandemic served as a wake-up call for supplier risk management programs globally. Formerly reliable..

What is Fourth Party Risk and...

As we’ve seen in recent events such as the SolarWinds hack, third-party risk poses a serious threat to business continuity. What the..

Diversity and Inclusion as a Third-Party...

Diversity and inclusion initiatives are helping organizations to increase profitability, boost their reputation and even..

ESG Reporting Mandates to Know for...

Third-Party Risk Management in today’s regulatory landscape is difficult – and it is about to..

What is Third-Party Risk Management?

Third-Party Risk Management is the process of identifying, managing and mitigating risks present in a vendor relationship. This..

How to Create a Mature Third-Party...

Whether building a program from scratch or improving an existing program, third-party risk management (TPRM)..

What the Biden Administration's Executive Order...

The Biden Administration is prioritizing the nation’s cybersecurity with an executive order to modernize cybersecurity defenses and protect..

UK PRA Guidelines: New Strategies for...

It goes without saying that operational resiliency and supplier risk management go hand in hand. Organizations need to adapt, respond to, and..

ProcessUnity Team Kicks Off National Day...

On August 20th, 2021, ProcessUnity hosted its inaugural Day of Giving to provide our team with the..

Inherent Risk vs. Residual Risk in...

Conducting a thorough vendor risk analysis is an integral step in Vendor Risk Management. However,..

ISACA Summit Replay: Cybersecurity is an...

Throughout your company, people are managing silos of cyber risk to your business. You need..

Why Organizations Automate Vendor Risk Assessments

It’s a fact increasingly validated with each third-party data breach: when an organization brings on..

Managing Third-Party Cyber Risk

Each day organizations face new threats that jeopardize their critical networks. Standard cybersecurity practices help mitigate the..

Expert Interview: Continuous Monitoring of Third-Party...

ProcessUnity discusses best practices for continuous monitoring of third-party vendor risk with BitSight, a leading..

3 Steps to Better Vendor Risk...

Creating and distributing vendor risk assessments is a key part of any third-party risk management program.  As organizations utilize third-party services to..

Build a Better Vendor Due Diligence...

Take a deep dive into vendor due diligence with ProcessUnity’s in-house due diligence specialist, James Goncalves. This interview..

Third-Party Vendor Risk Management Challenges for...

Today’s financial institutions face an incredible challenge when it comes to managing their third-party vendor..

How Dynamic Scoping Can Improve Your...

Vendor risk assessments help third-party risk management (TPRM) teams understand the risk their third parties,..

5 Tips to Improve Your Vendor...

Vendor due diligence is essential to any third-party risk management program. However, no two due diligence processes are..

4 Reasons to Manage Cybersecurity Controls...

The modern cybersecurity program faces more challenges today than ever before. New worldwide directives and increased cyberattacks put pressure..

2021 and Beyond: Financial Viability Trends...

Experts from ProcessUnity and RapidRatings recently got together to discuss why world-class third-party risk management programs are leveraging financial health ratings for onboarding, due..

How To Create a Results-Driven Supplier...

Seventy percent of organizations have under-invested in their supplier risk assessments. This fact is startling given the growing reliance organizations have on..

Log4j Vulnerability: A Lesson in Third...

A vulnerability was recently detected in Log4j, an open-source logging framework web developers use to..

Log4j: How Organizations Address Cybersecurity with...

The discovery of the Log4j vulnerability is the latest incident to send organizations into panic about..

3 Reasons to Align Cybersecurity and...

In the face of increasingly common and costly data breaches, your organization needs to know how..

How to Improve Your Vendor Due...

You can't do business without your vendors. They support critical elements of your organization, from..

BitSight: Ransomware Remains a Dominant Threat...

Are You Ready for the PRA's...

The clock's ticking.  If you're a financial services institution regulated by the Prudential Regulatory Authority,..

5 Areas to Mitigate Risk in...

If you work within a Vendor Risk Management (VRM) team, you know that third-party risk..

Vendor Due Diligence: Best Practices for...

War in Ukraine: Monitoring Resiliency in...

As the world turns its attention towards the escalating conflict between Russia and Ukraine, companies..

Understanding Your Cybersecurity Risks During the...

Cybersecurity experts warn that conflict in Ukraine presents ‘perhaps the most acute cyber risk U.S...

3 Third-Party Risk Lessons from the...

Proactively mitigate third-party risks with vendor engagement and issue response strategies  Lapsus$, a criminal hacking..

Are Your Suppliers Putting You at...

Global events, such as the Ukraine-Russia conflict, are driving increased risk levels in nearly every..

How Remote Work Has Changed On-Site...

The pandemic caused a shift in how we think about the modern workplace. Pew Research found that..

Why Third-Party Risk Management Saves Businesses...

Small to midsize companies are increasingly feeling financial pressure on their operations. According to Harvard..

Can You Apply Zero-Trust to Your...

The federal government shifted to a zero-trust strategy in 2022 to bolster its cybersecurity posture; private..

ProcessUnity is a Leader in the...

The results are in: ProcessUnity is a Leader in The Forrester Wave™: Third-Party Risk Management..

3 Questions Healthcare Organizations Should Consider...

Did you know that 33% of third-party data breaches in 2021 targeted healthcare organizations? In..

Zero Trust as a Third-Party Risk...

According to a Microsoft survey, more than 40% of workers are considering quitting their jobs..

GRC 20/20 Quantifies Return on Investment...

Independent research examines the measurable benefits of ProcessUnity VRM Imagine what business results you could..

3 Business Benefits of a Cybersecurity...

Cyber risk is a top concern for businesses today thanks to the ubiquity of the..

Which Cybersecurity Certification Does Your Business...

More customer wins. Better organizational security. Efficient compliance management. These are just a few of..

ProcessUnity Customer Summit: Experts Advocate for...

At the 2022 ProcessUnity Customer Summit, experts from a variety of industries and organizations convened..

New Artificial Intelligence Regulations Will Require...

The frontier is closing on artificial intelligence: Where AI once represented the “Wild West” of..

Build and Scope Better Due Diligence...

Vendors are a fact of the modern workplace, but they can bring serious security risk..

How Automated ESG Due Diligence Makes...

Over the past few years, Environmental, Social, and Governance (ESG) regulations have become increasingly rigorous..

3 Things to Consider Before Using...

Even with advanced workflows, vendor risk assessments can be a challenge for third-party risk teams...

Don’t Treat Third-Party Risk Management as...

Beyond Basic Compliance: Achieving True Resilience Requires Third-Party Risk and Cybersecurity Alignment Between SOC audits,..

Next-Level Strategies for an Efficient Third-Party...

How to Optimize Third-Party Due Diligence for Cybersecurity  According to IBM’s Cost of a Data Breach..

Properly Scoping Vendor Due Diligence Drives...

Properly Scoping Vendor Due Diligence Saves Both Time and Money One of the costliest mistakes..