ABAC & ESG: 5 Implications For Your Third-Party Risk Program

Driven by current trends, third-party risk management is evolving beyond traditional cybersecurity topics to include assessing non-cyber categories such as anti-bribery and corruption (ABAC); environment, social and governance (ESG); ethics, and diversity. As more business teams are demanding insights into their third parties’ policies in these areas, how can the IT security team – long the owners of third-party risk management programs – adapt?

This webinar, presented by Nasser Fattah, former Managing Director for Information Security at Mitsubishi UFJ Financial Group, discusses how IT security teams can build bridges to business owners to deliver more holistic third-party risk management insights, including:

• Considering additional non-cybersecurity criteria while making vendor tiering, categorization, and prioritization decisions
• Conducting specific non-cybersecurity assessments and correlating the findings alongside cybersecurity results
• Layering in vendor business and reputational monitoring to add context to existing cybersecurity risk assessments
• Unifying internal teams under a single dataset to simplifying reporting
• Eliminating cumbersome spreadsheets that add complexity to assessing third parties

IT security and third-party risk management practitioners will gain a simple 5-step roadmap for efficiently expanding the scale and scope of their TPRM programs.