Mitratech Holdings Inc – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР https://risk-academy.ru Управление рисками, риск менеджмент, обучение по управлению рисками, тренинг риск менеджмент Sat, 31 Oct 2020 08:14:32 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://raruswebsite.s3.amazonaws.com/wp-content/uploads/2018/02/10213225/cropped-favicon-32x32.png Mitratech Holdings Inc – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР https://risk-academy.ru 32 32 Integrated Operational Resilience and TPRM: A Key Theme for 2021 | Mitratech Holdings, Inc https://risk-academy.ru/integrated-operational-resilience-and-tprm-a-key-theme-for-2021-mitratech-holdings-inc/ Thu, 15 Oct 2020 18:18:02 +0000 https://risk-academy.ru/integrated-operational-resilience-and-tprm-a-key-theme-for-2021-mitratech-holdings-inc/

Key issues in integrating Operational Resilience and TPRM

There are, however, a couple key issues that will need to be addressed to make such an integration succeed:

Concentration Risk

This is significant in a complex supply chain landscape. The chances of multiple suppliers in the same chain making use of the same utility provider, cloud service provider, transportation system, or even network of Directors is surprisingly high. A single incident could impact multiple parts of a business in numerous ways. Visibility will matter.

Proportionality

Large global corporate institutions will have very different needs of, and relationships with, service providers, compared to a single-site Credit Union, for example. This will drive very different solutions for both, but ideally, there will be standard definitions and measures to help the industry maintain its robustness.

To help address these, in the UK there is a market-lead initiative emerging that will help institutions both large and small. In due course, it should provide a common set of definitions, measures, and language that will help institutions and their service providers to align services, requirements, and…

Read More…

]]> Managing Third-Party Vendor Regulatory Compliance | Mitratech Holdings, Inc https://risk-academy.ru/managing-third-party-vendor-regulatory-compliance-mitratech-holdings-inc/ Sat, 08 Aug 2020 03:30:44 +0000 https://risk-academy.ru/managing-third-party-vendor-regulatory-compliance-mitratech-holdings-inc/

The increase in data breaches has only led to more regulatory scrutiny. Regulatory focus on third-party vendors was already increasing after the 2008 financial crisis, but has reached a fever pitch in recent years. New data privacy laws often make companies liable for the mistakes of their vendors, even as businesses are relying on outsourcing more and more.  So this reliance on vendors, suppliers and subcontractors means increased liability. 

Under a law like the CCPA, your organization is responsible for data breaches of third-party and even fourth-party vendors that have access to your customers’ data. A lack of preparation can lead to loss of consumer confidence, reputational damage, and mounting fines which can put a decided dent in your bottom line. For small and mid-sized businesses, the damage can be devastating. So it’s time to look more closely at the regulatory requirements for your vendors.

Read More…

]]>