How to Develop Effective Information Gathering for Third Parties

Presented by

Alex Hollis

About this talk

Two-thirds of data breaches occur due to an insecure or poorly managed third-party relationship. Gaining control over your network of vendors is a critical risk activity. Join Alex Hollis, SureCloud’s GRC Practice Director as he discusses efficient and effective information gathering from third parties. The session will cover: •How to evaluate your information needs •Prioritizing, planning and structuring the information gathering •Use of categorization, tiering and risk scoring •Building the question library •Reducing the manual administrative burden from the system •Reducing “assessment fatigue” - The human element of answering questions Alex has over 16 years’ experience in IT, mobile technology and software development. He has spent the last seven years specializing in governance, risk, and compliance (GRC).

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (70)
Subscribers (10507)
SureCloud provides Cloud-based GRC Applications and Cybersecurity Services that help our customers achieve an integrated approach to managing their risk, compliance and information security. The SureCloud Platform is simple but powerful technology that gives our customers a single source to view and manage GRC and cybersecurity processes from anywhere in the world. Our customers benefit from automating formerly spreadsheet-driven processes but increasingly from addressing strategic initiatives such as the EU GDPR, ISO 27001, IRAM2, NIST, PCI and others. Check our CYBERSECURITY content here: Register to our USA channel here: