Sometimes we need to lead with the taboo statement. Traditional VRM as practiced by most businesses today amounts to little more than an elaborate "cover your ass" ritual. The notion that questionnaires and compliance reports alone can significantly reduce risk is misleading at best and willfully ignorant at worst. The most effective way to reduce vendor risk is by proactively insulating your business, your customers, and your data from inevitable issues, rather than relying solely on "industry best practice" VRM method.
The GRC Podcast’s Post
More Relevant Posts
-
When a major vendor breach occurs, it reveals a critical flaw in traditional VRM approaches: despite passing the risk assessments of all its customers—including unique questionnaires from each of the 20,000+ businesses—it still got breached. This poses a serious question: if such a large collective of businesses, each employing their own VRM strategies, cannot identify the vulnerabilities and risks that lead to breaches, what real value do these efforts offer? The constant widespread failure should make any reasonable person challenge the notion that traditional VRM processes, beyond serving as basic due diligence, genuinely reduce risk or offer any real security guarantees.
Sometimes we need to lead with the taboo statement. Traditional VRM as practiced by most businesses today amounts to little more than an elaborate "cover your ass" ritual. The notion that questionnaires and compliance reports alone can significantly reduce risk is misleading at best and willfully ignorant at worst. The most effective way to reduce vendor risk is by proactively insulating your business, your customers, and your data from inevitable issues, rather than relying solely on "industry best practice" VRM method.
Traditional (Passive) Vendor Risk Management is Bullsh*t - The GRC Podcast
buzzsprout.com
-
Many business leaders are excited about the opportunities GenAI offers to their organizations. But they also recognize refreshed risk management practices are going to become more vital. Learn more by reading our latest perspective into fostering a risk-aware approach.
A risk-aware approach to GenAI implementation
share.postbeyond.com
-
Many business leaders are excited about the opportunities GenAI offers to their organizations. But they also recognize refreshed risk management practices are going to become more vital. Learn more by reading our latest perspective into fostering a risk-aware approach.
A risk-aware approach to GenAI implementation
share.postbeyond.com
-
Many business leaders are excited about the opportunities GenAI offers to their organizations. But they also recognize refreshed risk management practices are going to become more vital. Learn more by reading our latest perspective into fostering a risk-aware approach.
A risk-aware approach to GenAI implementation
share.postbeyond.com
-
➕ Mindset Partner & Career Coach | MedComms Pro | I help health professionals who are feeling stuck, lost, uninspired or burned out, combine their life passion w/ their career🌱 | Reach out to unlock your potential 🚀
Day 7 of #Realistic #Positivity - Go for it and take a #Risk! What's the worst that can happen? Follow and Subscribe to the Positive Perspective Mindset (P2M) Channel! New #Positive snippets series!
-
Our Cyber, Risk and Regulatory practice, together with various teams at #PwC, have thought about the #risks emerging from generative AI. Here is a playbook focused on helping organizations move quickly on opportunities -- responsibly.
A successful GenAI strategy starts with strong risk management. Proud to have played a part in bringing this perspective to the market.
Managing the risks of generative AI
dynamicsignal.pwc.com
-
A successful GenAI strategy starts with strong risk management. Learn more in our playbook.
Managing the risks of generative AI
dynamicsignal.pwc.com