A Third Party's Perspective on Third Party Risk
Privacy Issues from Third-Party Website Tags
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Corruption, Crime and Compliance: Third-Party Risks and Sanctions Compliance
Compliance into the Weeds: Sustainability and Managing 3rd Party Risk
Episode 304 -- Nathalie Druckmann, VP at Certa, on Artificial Intelligence Third-Party Risk Management
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
FCPA Compliance Report - Brad Hibbert on Prevalent’s 2023 3rd Party Risk Management Report
Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
One Month to a More Effective Compliance Program for 3rd Parties - Day 13 - Ongoing Monitoring of 3rd Parties
Corporate Compliance and Enforcement Hot Topics with IBM VP, Una Dean
Innovation in Compliance - Contracts as a Third-Party Risk Management Tool with Brad Hibbert
Cyberside Chats: There is a war in Europe. What does that mean for your cyber insurance policy?
Matt Kelly on Cybersecurity and Suppliers
Patty Houser on Supplier Codes of Conduct
Chris Ford on Compliance and Cloud Computing
Ashley Coselli and Daniel Wendt on Difficult Anti-Corruption Due Diligence Projects
Ronnie Kann and Trent Sandifur on Third-Party Monitoring
Susan Roberts on Creating a Compliance Program Book
Brian Lee on Compliance Spending
All lawyers understand that they have an ethical obligation to protect client confidential information from prying eyes, whether in a locked file cabinet, on a cloud storage device, or passing through the networks of...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
Third-party relationships supporting core operations are now more important than ever for most organizations. Yet too often, procurement, information security, compliance, and other professionals are overburdened with the...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more
On February 15, Federal Reserve Board Governor Michelle W. Bowman delivered remarks at the Midwest Cyber Workshop, during which she discussed topics related to third-party service provider reliance and regulatory expectations...more
Cybersecurity is a growing concern for all nonprofit organizations, especially those that store, process, and transmit sensitive data. While it is common to think of the cyber issue as relevant to digital communications and...more
Financial services firms are increasingly reliant upon third-party companies to provide important services, ranging from cloud services and data analytics to machine learning and cash distribution. As these third parties...more
The task of conducting due diligence in the selection of technology vendors is a critical component of the lawyer’s ethical obligation to maintain reasonable security over client confidential information. However, for several...more
The Black Shadow hacking group’s attack on Cyberserve, reported a few days ago, has resulted (at this point in time) in the leaking of a database with more than 800,000 records pertaining to various individuals and the...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
As we now enter the third quarter of our discontent with the Coronavirus worldwide pandemic, one thing is very clear: Centralized vendor risk management is imploding....more
The California Consumer Privacy Act became effective on Jan. 1. Included among its provisions is the grant of a private right of action on behalf of any consumer “whose nonencrypted and nonredacted personal information…is...more
Are you about to sign a service agreement with a third-party service provider under which it will access and use technology of your company? Have you checked your applicable third-party contracts to see if you need any...more
Last week the Justice Department (DOJ) announced a resolution of the long standing Foreign Corrupt Practices Act (FCPA) enforcement action involving Telefonaktiebolaget LM Ericsson (Ericsson), a multinational networking and...more
“To err is human,” but in an industry as seemingly driven by precision as eDiscovery, errors are all too common. Yes, mistakes are going to happen. Which is why we can fall back on processes and procedures to ensure that even...more
Internal controls are a key tool to operationalize your third-party risk management program. The basic internal controls, that should be a part of any financial controls system. There were four significant controls the...more
In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach,...more
The Microsoft FCPA settlement, while not significant in the total penalty of approximately $25 million, provides some important instructions concerning distributor and re-seller risks and mitigation strategies. ...more
The need to control risks associated with using third-party technology service providers was reemphasized by the FDIC for institutions with less than $1 billion in assets in a new financial institutions letter...more
The Toronto Sun reported this morning that the privacy of 4,500 consumers of recreational cannabis in Ontario has been compromised. The names and addresses of individuals purchasing cannabis through the Ontario Cannabis Store...more
Hiring third parties to conduct international business is appealing: Foreign business agents, consultants, distributors, and other groups facilitate business by speaking local languages, providing expertise, and accessing...more