Question: What are some important points to consider when looking to improve my third-party risk assessment function?
Josh Goldfarb, independent consultant: Most businesses work closely with and rely on third parties, suppliers, and vendors to help them accomplish their business objectives — but while third parties can provide many benefits to a business, they can also introduce risk.
So it’s important to holistically assess your third-party risk regularly. You should begin by prioritizing your risks and tailoring your third-party risk assessments accordingly.
Here are a few things you should not do:
What do you advise? Let us know in the Comments section, below.
Do you have questions you'd like answered? Send them to [email protected].
Josh (Twitter: @ananalytical) is an experienced information security leader who works with enterprises to mature and improve their enterprise security programs. Previously, Josh served as VP, CTO - Emerging Technologies at FireEye and as Chief Security Officer for ... View Full Bio