Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC NetApp Digital Newsroom WatchGuard Digital Newsroom Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

The 10 Most Important Things A Company Needs In Its Risk Management Plan

Risk management has often focused too narrowly on just the IT department, failing to account for risks associated with business processes in other areas. Here's a look at what every company needs to have in their plan.

Back 1 ... 2   3   4   5   6   ... 11 Next
​ ​

Examine Performance History Of Third Parties

Businesses need to examine the performance history of all the third parties they're dealing with and avoid focusing too narrowly on just their top vendors, according to Tom Turner, president and CEO of Cambridge, Mass.-based BitSight.

Companies should look at the objective performance of their third parties using a ratings or scorecard tool, Turner said. A qualitative assessment is important and can help businesses understand the nature of what a third party has in place from a security and risk standpoint, Turner said, but it's vital to also have a quantitative measurement of outcomes as it relates to monitoring and breach response times.

From there, he said companies should collaborate with their third-party suppliers, using assessments and measurements to ensure that their risk surface area is being reduced. Businesses should benchmark and report this over time to ensure that there's improvement in the performance of the aggregate supply chain, and enable executives and board members to track the progress that's being made.

Back 1 ... 2   3   4   5   6   ... 11 Next

sponsored resources