The challenge of third-parties: how to achieve acceptable risk

Join us to learn more about the challenges involved with introducing third-parties to your organisation

Do you want to watch a recording of this webinar? Please visit: https://www.youtube.com/watch?v=pDoW7gvOkrs

Most organisations work with third-parties to varying degrees - from simple hire-ins to complex open-source integrations in the critical value chain. There is always inherent risk in allowing third-parties access into your organisation.

Ensuring that this is done with an acceptable risk level can often be challenging. In this webinar, we will explore some of the key assumptions that need to be addressed in order to have efficient governance systems, and the main benefits and disadvantages of using soft (high-level) or hard (controls) security requirements when evaluating third-parties’ security maturity.


In this webinar, Torbjørn will go through the necessary, but often forgotten, dependencies to third-party governance. He will also take a look at the most common challenges of actually finding the acceptable risk level and the necessary controls when introducing third-parties to your organisation. Torbjørn will also share his key lessons learned from using the NIST 800-53 Security Controls framework toward vendors.

Language: English
Technical level: 2/5