Search
× Search
Menu
  1. Services

    Feature

    RB Advisory Video is Coming Soon.

    In the meantime please feel free to browse our full site and contact us if you have any questions about your businesses security needs.

    1. Cyber Risk Management
      1. Third Party Risk Management
      2. IT Security Audits
      3. Cyber Liability Insurance
      4. Incident Response
      5. Cyber for Small Business
      6. Cloud Management
      7. Change Management
      8. Configuration Management
    2. Security Compliance
      1. Governance, Risk, & Compliance
      2. Privacy Consultations
      3. Federal and State Regulations
    3. Cybersecurity
      1. Merger & Acquisition Due Diligence
      2. Penetration Testing
      3. CISO as a Service
  2. Industries
    1. Healthcare
    2. Government
    3. Financial Services
    4. Technology
    5. Retail
    6. Education
  3. Knowledge
  4. Events
  5. About
  6. Let's Talk
ServicesCyber Risk ManagementThird Party Risk Management

Third Party Risk Management

Third Party Vendor Risk Management (TPVRM) is the process of due diligence and controlling risks presented to your company, your data, your operations, and your finances by parties OTHER than your own company. Due diligence is the investigative process by which a company or other third party is reviewed to determine its suitability for a given task. Due diligence is an ongoing activity, including review, monitoring, and management communication over the entire vendor lifecycle.

Who are the third parties?

  • Vendors
  • Subcontractors
  • Customers
  • Joint Ventures
  • Counterparties
  • Fourth parties
  • Fifth parties

Why does your business need a Third Party Vendor Risk Management Plan?

  • Reduces likelihood of data breach costs
  • Reduces likelihood of costly operational failures
  • Reduces likelihood of vendor bankruptcy
  • Regulatory mandates may require it
  • Prudent due diligence is an ethical obligation
  • Audits where the risk is
  • Enterprise risk portfolio may expose the organization to its highest risk

Third Party Vendor Risk Management Findings:

  • 70% of companies do not adequately check their third parties security posture, yet over 90% say they will INCREASE their use of third parties
  • Data breaches caused by third parties cost $43 per record more than other breaches, yet account for over 40% of all breaches
  • Effective TPVRM involves combination of oversight and review of the external partner AND implementation of internal controls and processes
  • Given the risk exposure and costs involved, TPVRM can be the single most cost-effective risk management program that a company can implement, and internal audit and InfoSec can contribute in many significant ways.

All organizations need a Third Party Risk Management strategy that takes a second look at outside vendors. Third Party Risk Management is the context of business strategy, security, objectives, and performance. We can help you develop a vendor risk management strategy that clearly defines security risk to solidify the business relationship, values, and objectives of your organization that can protect you from any potential harm.

Contact RB Advisory

Terms Of UsePrivacy StatementCopyright 2018 by RB Advisory LLC
Back To Top