Fusion Risk Management

DECEMBER 1, 2021

For more information on some of the best guidance in managing outsourced technology and vendors in general, please contact Fusion or refer to the FFIEC guidance in the IT examination handbook or the guide to outsourced technology: Risk Management of Outsourced Technology Services – November 28, 2000 (ffiec.gov).

Outsourcing 52

Outsourcing Alert Financial Services Outage 52

The Failover Plan Podcast

NOVEMBER 16, 2020

Previously, Green was the global head of business continuity for Sykes Enterprises, a business process outsourcer with 50,000 employees and 80 locations worldwide. James is a sought-after speaker, and has been interviewed by multiple publications, on the topics of workplace violence and integrated risk management.

Logistics 130

Logistics Outsourcing Authorization Business Continuity 130

Fusion Risk Management

SEPTEMBER 27, 2022

Third – party risk management (TPRM) continues to be a focus area for both regulated and non-regulated entities alike in the operational resilience landscape. The reason being that t hird parties often introduce added risk to organizations outside the scope of their direct control. .

Financial Services 52

Financial Services Risk Management Outsourcing Strategic 52

Fusion Risk Management

JANUARY 5, 2023

A key focus has been on technology and data service providers (TSPs) , as cyberattack incidents such as SolarWinds and Log4j have proven that third parties present risks that significantly impact important business services. One legislation addressing these risks is the landmark Digital Operational Resilience Act (DORA).

Resilience 52

Resilience Financial Services Audit Outsourcing 52

Fusion Risk Management

SEPTEMBER 12, 2022

Even if it is difficult to use that regulatory hammer to secure funding for budget to purchase technology, this should not stop a progressive organization from using effective risk management disciplines to run their programs and serve their customers. Or, as so well articulated by the great British writer C.

Resilience 52

Resilience Insurance Insurance Audit 52

Fusion Risk Management

AUGUST 17, 2021

Ask yourself one question: when is the last time I updated my third-party risk management policy and presented it to the board for approval? However, for the 1/3 that don’t, here are some helpful tips and notes: Scrutiny of third-party risk practices has never been greater.

Management 52

Management Audit Outsourcing Risk Management 52

Castellan

SEPTEMBER 24, 2021

Full-time employees are exempt or non-exempt permanent staff retained, managed, and compensated directly by your organization. Castellan essentially offers three services: project-based consulting (as described here), Castellan business continuity software , and a third service, outsourcing or managed services, which we’ll explore next.

Business Continuity 52

Business Continuity Outsourcing Consulting Disaster Recovery 52

Fusion Risk Management

FEBRUARY 10, 2022

In our previous blog “ The Importance of Ongoing Monitoring ,” we discussed what we often describe as the forgotten pillar of third-party risk management: ongoing monitoring. Tracking and managing complaints can be challenging. The Forgotten Pillar. Rarely will you hear customers expressing frustrations first-hand.

Evaluation 52

Evaluation Outsourcing Risk Management Media 52

Reciprocity

AUGUST 24, 2022

Every risk management program should include risks posed by your vendors. Beware, however: vendor risk management is a complex process unto itself, requiring ongoing monitoring and measurement. What Are Vendor Risk Management Metrics? What Are the Most Common Vendor Risks?

Management 52

Management Risk Management Cybersecurity Strategic 52

MHA Consulting

AUGUST 24, 2023

For those with a suitable temperament and skill set, a career in risk management can be rewarding due to the field’s broad scope, consequential nature, and rising prominence. In this week’s post, we’ll look at what a risk manager does and the skills it takes to excel in this role. It’s a permanent ongoing activity.

Risk Management 90

Risk Management BCM Management All-Hazards 90

Risk Management Monitor

DECEMBER 29, 2021

Provide them investigation training and consider augmenting with outsourced external investigators if an issue is large or complex. Be selective when choosing your investigators: Staff your investigative team with individuals who are not wired to let cases sit.

Marketing 80

Marketing Outsourcing Technology Communications 80

SRM

JUNE 30, 2020

If the current answer is no one, it’s important to task an individual, team or outsourced organisation with your company’s security protection. appeared first on Security Risk Management. What is the priority recovery order of systems and functions? Look at who is responsible for disaster recovery in your business.

Disaster Recovery 52

Disaster Recovery Continuity Planning Business Continuity BCP 52

Stratogrid Advisory

MAY 11, 2020

Listed below are some of the most common justifications for not implementing a robust Business Continuity Management (BCM) Program : 1. We outsourced everything, so we don’t need a Business Continuity Plan. Your organization made a strategic decision to outsource most of the services which are not your business differentiator.

Continuity Planning 52

Continuity Planning Business Continuity BCP BCM 52

Risk Management Monitor

JUNE 11, 2021

Traditional data loss prevention approaches, such as full data discovery, have arduous requirements and usually involve mandatory outsourcing for development and monitoring. Complete reliance on both fronts is hard, if not impossible. In fact, many CISOs only want to tackle the DLP challenge once in their career.

Management 49

Management Authorization Government Outsourcing 49

Fusion Risk Management

JANUARY 31, 2024

As organizations begin to determine the impact that DORA has on their specific business, a common thread has emerged: while Information and Communication Technology (ICT) Third-Party Risk Management (TPRM) is its own pillar in the regulation, TPRM touches on all other pillars of the regulation.

Management 52

Management Risk Management Activation Outsourcing 52

Fusion Risk Management

JULY 19, 2021

In the case of the tanker, it showed perhaps there could have been better planning for alternatives; in the case of COVID, it showed that industries needed to rely on their third parties as they rapidly scrambled to a remote outsourced business model.

Outsourcing 52

Outsourcing Pandemic Risk Management Evaluation 52

Reciprocity

SEPTEMBER 30, 2022

Third parties generate, manage, or hold this data, resulting in even more severe threats to healthcare organizations and their information security. This is why third-party risk management and healthcare data security are critical. What is Healthcare Vendor Risk Management? Notes on Vendor Access et. Access to PII.

Healthcare 52

Healthcare Management Risk Management Vulnerability 52

Risk Management Monitor

JUNE 14, 2021

Because much of this is done through outsourcing of systems and services to third parties, many enterprises have dramatically increased the scale and complexity of their risk surface. This may appear to be overwhelming, confusing and time-consuming.

Vulnerability 69

Vulnerability Outsourcing Cybersecurity Security 69

Stratogrid Advisory

JUNE 3, 2020

Additionally, the Business Impact Analysis (BIA) process outlined in Chapter 4 will leverage findings of the organizational Risk Assessment activity, which could be executed as a part of the BIA engagement. Vendor Risk Management When developing organizational continuity plans, third-party providers (e.g.

Business Continuity 52

Business Continuity BCM Impact Analysis BCP 52

Stratogrid Advisory

JUNE 3, 2020

Additionally, the Business Impact Analysis (BIA) process outlined in Chapter 4 will leverage findings of the organizational Risk Assessment activity, which could be executed as a part of the BIA engagement. Risk Methodology. Vendor Risk Management. IT Organization (internal and external if outsourced).

Business Continuity 52

Business Continuity BCM Impact Analysis BCP 52

Solutions Review

JANUARY 25, 2023

On top of that, these suppliers themselves outsource their material to second-tier suppliers. New systems will be a collection of smaller applications working harmoniously for better risk management and future outlook. The journey has already started with self-service systems, and it will continue for the next few years.

Government 116

Government Backup Application Security 116