Unleashed - How To Thrive As An Independent Professional
566. Craig Callé, Third Party Risk Management and Cyber Security
- Author: Various
- Narrator: Various
- Publisher: Podcast
- Duration: 0:34:06
Information:
Synopsis
Show Notes

Craig Callé talks about third party risk management (TPRM), with an emphasis on cybersecurity. TPRM is a subset of Governance Risk and Compliance (GRC), which aims to help organizations achieve their objectives, address uncertainties, and act with integrity. TPRM is crucial as over half of all data breaches occur through insecure third parties. Companies need to understand their third party relationships and monitor them more carefully, which requires a variety of tools and processes. Craig explains that TPRM can cover a variety of risks, including cybersecurity, but also financial viability, compliance with privacy, sanctions and other regulations, reputation management, supply chain issues, and alignment of ESG and sustainability objectives.

Defining GRC and Third Parties

Craig explains that GRC is a broad category that includes TPRM, but also enterprise risk management (ERM), business continuity or operational resilience, policy management, controls compliance, privacy and ESG. ERM typical