Session
Risk Mitigation

Better By Tomorrow: 7 Third-Party Risk Assessment Best Practices You Can Implement Today

Monday, September 26
4 pm - 4:25 pm EDT

Are your third-party risk assessments effective? If not, this session is for you. According to Cyber Risk Alliance research, out of 300 IT and cybersecurity decision-makers who work with third parties, 90% said they use assessments or questionnaires to conduct evaluations. Despite these risk identification efforts, 60% of these decision-makers reported an IT security incident as a result of a third party in the last two years. Why the disconnect? Are third-party risk assessments adding value? Or, are assessments just “part of the job”? The reality is that assessments are a time-consuming, yet critical piece of an effective third-party risk management program (TPRM). They help organizations identify third-party risks, however, they don’t solve the entire equation. What comes next after the risk is identified? How do we mitigate? And with hundreds, sometimes thousands of third parties, can we supplement assessments with other technologies to manage risks as they arise. In this session, we’ll explore these questions and layout 7 must-know best practices to conduct more meaningful third-party risk assessments.

InfoSec World
presented by
Stay Informed
Join our mailing list for the latest news on InfoSec World 2022.