Companies Plan to Change Third-Party Vendors that Pose Highest Risks, According to Protiviti and Shared Assessments Survey
Insurance companies, including healthcare payers, appear much more likely to make de-risking moves, with cost concerns and a lack of internal expertise to evaluate vendor controls cited as other primary reasons. The study, now in its fourth year, finds that 71 percent of these organizations will likely change their high-risk relationships over the next 12 months. Nearly half of all respondents (48 percent) said it has become imperative from a risk and regulatory standpoint to assess vendors' contractors.
The survey of 539 C-suite executives and risk management and audit professionals was conducted across a wide range of industries in the second and third quarters of 2017, with the majority of their organizations having revenues exceeding
"While our study revealed increased board engagement in cybersecurity, there is an 'engagement gap' in that boards remain more engaged in their own companies' internal cybersecurity risks than the cybersecurity risks of the organizations' vendors, which can have negative repercussions if even one of those vendors has a severe data breach," said
"Despite some improvement in vendor risk management overall, our study has found that – with some notable exceptions – progress has been incremental since the study's first iteration in 2014. The single most important step an organization can take to improve its third-party risk management performance is to undertake periodic, arm's length evaluations of its program's effectiveness. Regular benchmarking is extremely important given the challenges associated with a rapidly evolving, volatile external risk and regulatory environment," said
The research, which looks at organizations' maturity of vendor risk management, is based on the comprehensive Vendor Risk Management Maturity Model (VRMMM) developed by the Shared Assessments Program.
Resources Available to Learn More
Protiviti will host a complimentary webinar at
To access a complimentary copy of the full report, 2017 Vendor Risk Management Benchmark Study, please click here.
About the Shared Assessments Program
The Shared Assessments Program is the trusted source for third party risk management with resources, including tools and best practices, to effectively manage the critical elements of the vendor risk management lifecycle. Members represent a collaborative, global, peer community of information security, privacy, and third party risk management leaders in industries including financial services, insurance, brokerage, healthcare, retail, and telecommunications. The Certified Third Party Risk Professional (CTPRP) certification program, membership, and use of the Shared Assessments Program Tools, ensure organizations stay current with the threat and risk environment, including regulations, industry standards, and guidelines. Shared Assessments provides organizations and their service providers the rigorous controls needed for IT, data security, privacy, and business continuity. The Shared Assessments Program is managed by The
About Protiviti
Protiviti (www.protiviti.com) is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Through its network of more than 70 offices in over 20 countries, Protiviti and its independently owned Member Firms provide clients with consulting solutions in finance, technology, operations, data, analytics, governance, risk and internal audit.
Protiviti has served more than 60 percent of Fortune 1000® and 35 percent of Fortune Global 500® companies. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of
Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.
Editor's note: infographic of survey highlights available in PDF or JPEG formats. Photos available upon request.
View original content with multimedia:http://www.prnewswire.com/news-releases/companies-plan-to-change-third-party-vendors-that-pose-highest-risks-according-to-protiviti-and-shared-assessments-survey-300557579.html
SOURCE Protiviti
Digital Matrix Systems, Inc. Joins Silicon Valley Insurance Accelerator
BNY Mellon Wealth Management Names Peter Paolilli as Senior Wealth Director in Chicago, Illinois
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News