Basel ll & lll: a Business Case for a Sound 3rd Party Risk Management Program
The overwhelming perception of a 3rd party risk management program is one of a compliance money pit whereby we do the minimum required and go down the compliance checklist to make auditors and examiners happy. I frequently speak, write and teach about driving business value from [...]
Vendor Performance Management: A 360 Degree Approach to Enterprise Value Strategy
November 29, 2018 - Copyright 2018 Compliance Education Institute LLC VENDOR PERFORMANCE MANAGEMENT. (click on our 3rd Party Toolbox https://compliance-edu.com/3rd-party-toolbox/page above for more info) Over the past several years I’ve spoken with hundreds of companies in a variety of market sectors about the challenges [...]
Simple Things to Lower Your Vendor Management Program Risk Profile
I recently conducted a Vendor Management Program Audit and Risk Assessment as a part of our Advisory Services for a midsize financial institution. Performing both gives you a more complete picture of where the institution is at and helps document current state, desired state, gap analysis and create [...]
3rd Party Breaches – Are YOU Reaching Out to Your Customers/Members?
Okay, the Equifax breach wasn't your fault. Neither was the Home Depot breach, Target breach, etc., etc. Thus, the Data Breach Notification regs don't apply to you so you're clear of any responsibility. Or are you? I scoured a couple hundred bank and credit union websites [...]
3rd Party Code of Conduct as a Contractual Condition for Termination
While most companies have Code of Conduct for staff, not as many require their 3rd parties to sign such a document. Even fewer include violation of that Code of Conduct as a condition for cancellation of contract. As we all know, being associated with a 3rd [...]
SSAE 18: A Practical Analysis for 3rd Party Risk Management
I've read a ton of SSAE 18 analyses ranging from comic book style infographics with inadequate, lightweight, poorly explained content to others that are very detailed, well written analyses targeting auditors. I particularly like Ryan Buckner's concise, practical analysis in ACCOUNTING TODAY. In any case, I've [...]