To take control of your risks, you need to understand the risks posed by your company's third-party vendors. However, keeping track of your company’s vendor risks can be a huge undertaking that requires more time and money than you are able to provide. With so many cybersecurity threats out there, not to mention regulations regarding cyber risk and data privacy, keeping a watchful eye on it all can be overwhelming.
The key to keeping vendor risks under control is keeping a comprehensive vendor risk tracking list. The challenge is how to best do this with limited time and resources. In an article recently published by InformationWeek, our team shares a 6-step approach to stay on top of the vendors your company uses, and to ensure that their cyber and technology risks are accounted for and under control. Check out the full article on InformationWeek to learn more.
About the Authors
Jeff Rowley is a Principal Consultant at ACA Aponix, the cybersecurity and IT risk division of ACA Compliance Group. Jeff has over twenty years of experience in technology and risk in the financial sector. Most recently, Jeff served as Vice President for Bank of America Merchant Services where he was responsible for designing, implementing, and sustaining OCC compliant third-party programs. Jeff earned his Bachelor of Science from the University of North Texas and has accumulated advanced studies in Accounting and Computer Science from the University of Hartford and Rensselaer Polytechnic Institute, respectively. Jeff is a Certified Third-Party Risk Professional (CTPRP).
Sara Laverick is a Principal Consultant at ACA Aponix. Prior to ACA, she served as an Information Security Risk Consultant for HM Health Solutions, Inc. Before that, she served as a Data Security Analyst and later as a Data Processing Officer for Dollar Bank, Federal Savings Bank. Sara earned her Bachelor of Science degree in Information Science and Technology from Penn State University.