12 November 2020Risk Management

Global companies join forces to tackle third-party risk management challenges

Risk and compliance specialist HITRUST has formed the HITRUST Third-Party Risk Management (TPRM) Council to foster collaboration between companies, third-party vendors, and advisory service firms.

The mission for the TPRM Council is to drive efficiencies and effectiveness as it relates to identifying, assessing, and mitigating risk in the complex supply chain ecosystem.

Founding members of the TPRM Council are global security, risk, compliance, and audit executives representing a diverse cross-section of organisations including Amazon Web Services, Google, Mastercard and Microsoft Azure. TPRM Council members are committed to identifying and supporting approaches to improve the current TPRM process—with a focus on increasing effectiveness and reducing inefficiencies.

“One of our goals for the Council is to ensure organisations are considering the impact on the supply chain as they mandate assurance requirements on their third parties,” said Bryan Cline, chief research officer at HITRUST.

“We are providing a collaborative forum for customers, their vendors, and their advisors to discuss these challenges, identify actionable solutions, and provide inputs directly to HITRUST on the approach toward doing just that—in the most effective, efficient manner.”

The need to ensure appropriate privacy and security over sensitive and confidential information, such as protected health information (PHI) or personally identifiable information (PII), with third-party vendors has never been more important.

“However, many current approaches to managing third-party risk have unintended, widespread impacts on companies and their vendors. Challenges exist around inconsistent and uncoordinated requirements that lead to redundant assessments. The results are inefficient uses of time, higher costs, increased burdens, and ineffective mitigation strategies.

“The HITRUST TPRM Council will serve to bring together customers, vendors, and partners across the ecosystem, helping to establish standards for both effectiveness and efficiency,” said Ashish Gupta, vice president, cyber & data product management at Mastercard.

“These objectives are in line with what we do every day at Mastercard, enabling better, more rewarding, and more secure experiences for businesses and individuals alike.”

Already registered?

Login to your account

To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.

Two Weeks Free Trial

For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk


More on this story

Risk Management
12 November 2020   In a time of unprecedented challenges for companies in the US, risk professionals need to plan ahead and get a seat at the table with the C-suite, according to RIMS president Laura Langone.
Risk Management
23 October 2020   While insurers have welcomed the hardening market, it poses a challenge for insurance managers—who are increasingly looking at alternative risk transfer solutions, according to Scott Feltham, group insurance manager for Compass Group. He explains why the hardening market could be bad for insurers in the long run.