https://vendefense.com/wp-content/uploads/2019/01/VRM-Policy.jpg 460 690 Evan Francen /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Evan Francen2019-01-23 09:10:182019-02-19 15:56:42Vendor Risk Management Policy
A policy defines the rules for the game. A vendor risk management policy defines the rules for the vendor risk management game. The more people who need to know about your rules, the more important the policy becomes.
https://vendefense.com/wp-content/uploads/2019/01/Vendor-Risk-Management-Best-Practices.jpg 461 690 John Harmon /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png John Harmon2019-01-22 11:06:152019-02-19 15:55:07Vendor Risk Management Best Practices
Help your vendors practice the best security. You’re in a position to help the organizations who wouldn’t naturally care about security. Put the basics in place to better protect themselves and you. VRM is a GREAT way to lead your suppliers to best practices while also protecting yourself in a more effective way. It costs you nothing and has (potentially) enormous benefits.
https://vendefense.com/wp-content/uploads/2019/01/Benefits-of-VRM.jpg 460 690 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2019-01-17 09:19:142019-02-19 15:53:03Top 5 Benefits of a Vendor Risk Management Program
Many companies are daunted by the task of building a vendor risk management (VRM) program that gathers all vendors in one place, classifies them, assesses the risky ones and determines if that risk should be remediated or terminated. However, the benefits of an automated VRM program easily outweigh the risks of not doing vendor risk management.
https://vendefense.com/wp-content/uploads/2019/01/Risk-Management.jpg 460 690 Evan Francen /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Evan Francen2019-01-16 15:42:042019-02-19 15:52:09The Importance of Vendor Risk Management
The importance of vendor risk management is dependent on your importance of protecting your information so an attacker doesn't gain access or so vendor doesn't lose your information. With breaches on the rise, a high-quality third-party information security risk management system is crucial.
https://vendefense.com/wp-content/uploads/2019/01/shutterstock_557416681.jpg 441 843 Chad Spoden /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Chad Spoden2019-01-15 12:55:492019-02-19 15:50:27Purpose of Vendor Risk Management
The purpose of vendor risk management is ensuring the use of third-party vendors and making sure they do not introduce a negative impact, business disruption, or damage your reputation. It also puts you in a defensible position by showing you're practicing proper due care and due diligence regarding information security and vendor risk management.
https://vendefense.com/wp-content/uploads/2019/01/vendor-risk-management.png 441 843 Kevin Orth /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Kevin Orth2019-01-09 09:33:562019-02-15 11:53:46How To Do Vendor Risk Management
Vendor Risk Management (VRM) isn’t hard, but we interact with organizations every day that have complicated, manual processes, or they’re doing nothing at all. That complexity typically comes from the lack of regulatory clarity around…
https://vendefense.com/wp-content/uploads/2018/12/credi-card-breach.jpg 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-12-12 13:08:352019-02-15 11:48:26Healthcare Vendor Breach: Credit Card System Hacked
On September 29, 2018, Baylor Scott & White Medical Center – Frisco, a joint venture managed by United Surgical Partners International (USPI), discovered that more than 47,000 patient records may have been compromised when the hospital…
https://vendefense.com/wp-content/uploads/2018/11/4phases-treatment.png 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-11-16 09:49:172019-02-15 11:28:41Phase 4 of VRM: Risk Treatment
The final step in the third-party vendor risk management process handles how we decide to treat the risks associated with third parties. The most objective method to handle risk in relation to third-party information security risk management…
https://vendefense.com/wp-content/uploads/2018/11/4phases-assessment.png 441 843 Suzy Feine /wp-content/uploads/2018/10/VENDEFENSE-logo-r-white.png Suzy Feine2018-11-16 09:43:232019-02-15 11:38:23Phase 3 of VRM: Assessment
As mentioned in Phase 2 - Classification, High and Medium impact third parties need to be assessed for residual risk. Residual risk is another term that isn’t common to all people, so we’ll define it. Residual risk is the amount of risk…