Are Your Third Party Suppliers Safeguarding Your Data?
Date: Dec 7, 2016
The importance of knowing your third party suppliers
All organisations rely on a range of partners and suppliers in order to deliver their core services, and are at risk from the unintentional or unwitting actions of these third parties – in terms of indirect liability, data breach or loss, and reputational damage that can be incurred by association.
External parties receive and handle a range of potentially sensitive information from your organisation.
There is a possible lack of visibility and control over how your data is being handled. If the third party does not have the appropriate controls in place to safeguard your data, this raises the risk of inadvertent data security breaches and of non-compliance.
Only this week, saw the Scottish Football Association suffer a data breach via a third party supplier.
However, ensuring partners and suppliers manage your information securely is a significant challenge.
Done manually, it can be enormously time-consuming to survey each third party with which an organisation works, compile a risk register for each party, manage each one to minimise potential risks and provide timely audit reports.
As such, few companies ever achieve complete risk management across their ecosystem of third party relationships. That’s where the cloud-based automated Risk Register service from 3GRC can help.