Nonprofit organizations play a crucial role in society, focusing on important causes like environmental conservation, humanitarian aid, and community development. Nonprofits often collaborate with third parties, like vendors, service providers, and even other nonprofits, to streamline operations and make their mission-driven work more effective. However, it's important to recognize that working with third parties comes with its own set of risks. Third parties expand the risk landscape for nonprofit organizations, introducing potential liabilities that must be effectively managed ..read more

Automation has been an absolute game-changer for third-party risk management. It can almost seem like a superhero on your team, speeding up processes, catching errors, and allowing full-time employees to focus on strategic tasks. However, even with the rise of automation tools like artificial intelligence, it’s essential to remember that even superheroes need sidekicks. While automation is powerful, human intellect and review remain essential in due diligence ..read more

One often overlooked way to manage risks when working with your third-party vendors is by making sure your vendors have the necessary insurance coverage. To validate your third-party vendor’s insurance coverage, it's a common practice to ask for and review a copy of their certificate of insurance (COI), but what do you do once you’ve received the COI? To make sense of it and ensure that it's valid, it's useful to understand some basic terminology and types of policies ..read more

Unforeseen natural disasters and unexpected events can wreak havoc on any business, but particularly for commercial real estate developers. Not only do developers need to worry about the physical building, but also the safety of occupants and operational continuity. To remain prepared, commercial real estate developers must establish a robust and comprehensive business continuity plan (BCP) and ensure their vendors have done the same ..read more

Stay up-to-date on the latest vendor risk management news happening this month. Check out the articles below ..read more

Cyberattacks, natural disasters, and technology outages are just a few events that can create significant operational disruptions for your organization and your vendors. While these events aren’t a new concern, regulators across the world have been developing more guidelines and frameworks to help organizations strengthen their operational resilience ..read more

Climate-related disclosures have steadily gained prominence in recent years, with regulations currently established in the EU and California. Many organizations have anticipated regulations at the U.S. federal level for almost two years since the SEC first proposed its rule on climate-related disclosures in 2022. The wait is now over. On March 6, 2024, the SEC issued The Enhancement and Standardization of Climate-Related Disclosures for Investors ..read more

In 2014, the National Institute of Standards and Technology (NIST) released its Cybersecurity Framework (CSF) as a guide for organizations in critical infrastructure. Ten years later, CSF 2.0 has been released and is intended for a much broader audience. Organizations in any industry can use the new framework as a guideline for improving their cybersecurity programs. In addition to this broader scope, CSF 2.0 dedicates more attention to managing supply chain cybersecurity risk, which is a part of third-party cybersecurity risk ..read more

Countless organisations in Australia outsource to service providers for products and services, which can reduce costs and increase efficiency. However, outsourcing also comes with its own set of risks. When organisations use external service providers, vendors, or third parties, they may face data breaches, loss of sensitive information, and reputational damage ..read more

Stay up-to-date on the latest vendor risk management news happening this month. Check out the articles below ..read more