In the age of growing globalization, businesses of every size and industry are increasingly relying on the services and solutions of external vendors. While this practice can prove beneficial, it can also leave the door open for security concerns. As technology such as the cloud, sensors and the IoT evolves, it’s more important than ever for organizations to be vigilant in how they work with external vendors to ensure the security of their confidential, sensitive data.

In this presentation, we will take participants through best practices for building a successful, efficient vendor risk management program. We’ll start by talking through case studies, highlighting examples of poor and successful programs and focusing on what made them fail or succeed. Typically, a flourishing program begins with client surveys, questionnaires and resource constraint solutions. Poor vendor risk management programs usually have several things in common: insufficient resources, stakeholders lack knowledge about critical vendors, management issues across borders, and sensitive data is not properly handled. Additionally, we will address the opposing key challenge: effectively responding to vendor questionnaires from your clients.

In conclusion, we will talk through the evolving areas in risk management that vendor management or compliance teams should focus on: the IoT, cloud and electronic access control.