Third Party Risk Management
Operational Resilience and Data Privacy
Our third party assessment and data privacy experts Kevin McCloskey and Bjørn Ofstad share their thoughts on the experience in working with companies in regards to vendor risk management and the challenges being faced in regards to the COVID-19 pandemic and the requirements of the GDPR.
Operational resilience and personal data protection are two topics that are high on the agenda of most organizations these days. The focus on continuous operations and data privacy are being fueled by the disruptive effects of the Coronavirus on business and the excitement around the GDPR, and the menace of its large fines and with news of personal data leaks spreading on social media at the speed of a Tweet.
Companies have become more critical of their vendors and business partners and have learned to value reliability and maturity in a supplier. Recent events will only lend to further focus that attention on the vendor’s ability to maintain operations during a crisis, recover from significant disruptions, survive a financial crisis, and also comply with their obligations in regards to data privacy.
Deloitte Extended Risk Management Global Survey
Based on the Deloitte Extended Enterprise Risk Management Global Survey 2019, 83% of organizations experienced an incident at one of their third party suppliers / partners in 2019 with 11% of those being severe and 35% having a moderate impact. These incidents affect not only the supplier themselves and their customers’ but the customers of those companies that make use of their services.Recent events will only lend to further focus that attention on the vendor’s ability to maintain operations during a crisis, recover from significant disruptions, survive a financial crisis and also comply with their obligations in regards to data privacy. Read the article for their viewpoints.
Being advisors to clients on both sides of the customer and supplier equation and seeing the impact this is having on each gives us some interesting insight into the complicated issues arising. We have shared our view on the matter and provided some tips on how to organize a vendor management program with IIA.
The full article was first published on www.iiia.no, 1st of April 2020. Read the full story here.
Third Party Risk Management – Operational Resilience and Data Privacy
The perspective from our experts was first published on iia.no. Read the full story here.Read more