Regulators expect diligent oversight, which costs time, which is well… money. A good vendor management plan can be a worthwhile investment, considering the devastating consequences of a data breach, but it should be made proactively and thoroughly as possible. Vendor monitoring should include reviews of quality of service, risk management practices, financial condition, and applicable security/IT controls, policies, and reports. Take a look at this quick one-page to learn the 5 most effective vendor monitoring methods.
Cyber hacks and data leaks have become commonplace in digital business, but the past few years have seen a surge in reported breaches across the legal industry.
Exposure to risk doesn’t begin and end with a project or a client or an email. Thorough due diligence is essential to effective risk management, and risk management is essential to tracking, finding, and mitigating threats that increase your vulnerabilities (and your insurance premiums).
In 2013, the Board of Governors of the Federal Reserve System (FRB) issued the Supervisory Letter SR 13-19: Guidance on Managing Outsourcing Risk, which in conjunction with the FFIEC’s Outsourcing and Technology Services Booklet, aims at assisting financial institutions in developing secure Vendor Risk Management programs to mitigate risks associated with third-party service providers.
What is the SR 13-19 really, and what do you need to know? We sat down, tore into it, and put together this series to explain exactly what it means for your Legal Department and your Law Firms.
We love research and would be happy to share our finding with you