Third-Party Risk Management: Moving Toward Centralized, Automated Systems (HelpNetSecurity)


While concerns about third-party risk remain high – particularly regarding cyber security – 58% of organizations ranked their programs as maturing or advanced, according to NAVEX Global.

“We continue to see a move toward centralized and automated systems, which allow organizations to treat third parties the same way they treat their own employees with access to hotlines, training and policies,” said Randy Stephens, J.D., Vice President, NAVEX Global. “This is a smart approach, especially given the top concerns we see each year – even if some of those stated concerns fluctuate based on compliance failures in the headlines and shifting regulatory pressures.”

Top concerns for the year

Forty-nine percent of respondents said cybersecurity and data protection was their top concern this year. This is the first time cybersecurity was the top concern in this annual report with a 10 percentage point increase from the 2016 survey. Bribery and corruption was the second most-common concern at 42 percent, ahead of conflicts of interest (the top choice in the 2016 survey) at 34 percent.