A clear and bold header

Red Flags within Your Vendor’s BCP | VendorInsight®

Posted by Rachel McKenzie on Jun 3, 2019 11:14:38 AM

Red Flags within Your Vendor’s Business Continuity Plan

Significant events, including natural disasters and massive cybersecurity breaches, will not only impact your vendor’s operations, but yours as well. Your data could be lost, your processes can be slowed or stalled, and your reputation could be hurt. To protect your organization and stay proactive, you need to understand a vendor’s Business Continuity Planning (BCP) and Disaster Recovery (DR), their processes of creating systems of prevention and recovery to deal with potential threats.

To do so, your organization should be reviewing the vendor’s BCP annually as part of your ongoing monitoring after you’ve selected and contracted with them, to determine if there are any concerning red flags. But what would be considered a red flag?

Read More

Topics: vendor reviews, Cybersecurity, Business Continuity, BCP, Experts, RTO, RPO, Business Continuity Plans, Recovery, Breaches, Disaster Recovery

Delivering VRM Solutions | VendorInsight®

Posted by Rachel McKenzie on Mar 13, 2019 11:47:53 AM

Delivering Vendor Risk Management Solutions

In this current economic climate, risk management is more important than ever. Companies only beginning to develop risk management programs haven’t yet realized the potential benefits of a structured solution for managing vendors. This includes reducing costs and risks while creating a competitive advantage against organizations who aren’t managing their risk.

Read More

Topics: vendor risk management, Cybersecurity, board members, risk assessment, Transparency, Automation, Collaboration, Return on Investment, Stability, Scalability, C-Suite

Advance Notice Of Proposed Enhanced Cyber Risk Management Standards

Posted by CMPG Risk Solutions on Nov 23, 2016 1:29:00 AM


On Tuesday, November 22, 2016, the OCC, Federal Reserve and the FDIC a press release announcing an invitation of comments on an advance notice of proposed rulemaking (ANPR), regarding enhanced cyber risk management standards for large banks under their supervision.


These regulatory agencies hope to increase operational resilience and lower the probability of failure in the banks they supervise.

 

Here’s what you need to know:



• The ANPR was published in the Federal Register on October 26, 2016, and comments are due by January 17, 2017.
• The ANPR applies to:
o any national bank, federal savings association (and any subsidiaries thereof), or federal branch of a foreign bank that is a subsidiary of a bank holding company or savings and loan holding company with total consolidated assets of $50 billion or more;
o any national bank, federal savings association, or federal branch of a foreign bank that has total consolidated assets of $50 billion or more and does not have a parent holding company; and
o any third-party service provider with respect to services provided to any covered national bank or federal savings association (or any subsidiaries thereof).
• The ANPR is not applicable to community banks
• Banks regulated by the above-mentioned agencies are required to ensure that the services they receive from third-parties are conducted with the same standards that would apply if the bank conducted the operations itself—therefore, the proposed enhanced standards would apply to all operations, even those serviced by third-parties.

Read More

Topics: vendor risk management, Federal Reserve, Cybersecurity, FDIC

VendorInsider Blog

Insight into Vendor Management Best Practices, Challenges, Solutions and Trends from Industry Insiders

As one of the longest running and most advanced vendor management software solutions, the helpful people of VendorInsight® have a unique perspective on third-party risk, compliance and management.  In the VendorInsider Blog, we share our insights on timely and relevant issues facing vendor managers.  You can subscribe using the button below, or contact us with questions.

Subscribe to Our Blog

Recent Posts

Posts by Topic

see all