Managing Third Party Risk
Some sources of risk that may not be top-of-mind include service providers, web hosting services, contractors, outsourcers, supply-chain nodes, consulting services, and travel services - any number of outside entities having custody of or access to sensitive information. If extended enterprise includes these third parties, one needs a way to manage this risk. Companies need to undertake a systematic approach to classifying, evaluating, and managing third party risk. This white paper discusses key considerations for implementing a comprehensive risk management methodology to address third party risks.