In daily life as an individual, you rely on others – from neighbors to police to lawyers and judges to armed forces – for protection against threats of all kinds. At the same time, you also bear responsibility: the more careless or inclined toward risk you are, the less secure you become.
Members of RMA’s Third-Party Risk Management Round Table are experienced leader-practitioners, individually and collectively creating emerging best practices in third-party risk management. As the round table’s facilitator, subject matter expert, and member of the Steering Committee, it’s exciting and rewarding for me to be integral to this evolution.
Offshoring and outsourcing don’t exist in a vacuum. These are processes that take advantage of and are influenced by technology, politics and the larger economy. Look at the last big round of offshoring at the start of the century. It didn’t just “happen” without any reason. Very specific changes facilitated this age of outsourcing.
Recent stories by, amongst others, the BBC detailing large, well-organised and presumably very profitable scamming organisations targeting UK TalkTalk customers have hardly helped the already-lowly reputation of offshore contact centres - but may unfortunately be only the tip of a perilous iceberg.
In a multi-partner service delivery model, transparency and visibility are essential to an effective security and supplier risk management (SRM) strategy. Yet a wide range of evidence suggests that this transparency is sorely lacking in many cases. According to a study by the independent Ponemon Institute, 73 per cent of suppliers that experience a data breach don’t notify other vendors in the supply chain, while more than a third (37 per cent) of suppliers don’t notify their customers.