Innovation in Compliance with Tom Fox

You Can’t Outsource Risk with Sandeep Bhide



Sandeep Bhide is the Vice President of Product Management at ProcessUnity, a company that is making good governance, risk, and compliance (GRC) practices and tools available to organizations via third-party risk and cybersecurity program management tools. Tom Fox welcomes him to this week’s show to talk about their Third-Party Risk: A Turbulent Outlook Survey report and how ProcessUnity helps their clients.


The Purpose of ProcessUnity

Tom asks Sandeep to explain the basis of ProcessUnity and the key products and services it offers. Sandeep says that the company offers cloud-based solutions that help organizations of all sizes automate their risk and compliance programs. He adds that it is an easily customizable program that reduces manual administrative tasks and allows customers to focus on “the more strategic risk mitigation activities”. ProcessUnity has the ability to review a company's GRC program and deliver great results quickly.


Third-Party Risk: A Turbulent Outlook Survey Report 

Tom wants to know the intent behind this report and how it came to fruition. Sandeep states that the objective of the study was to determine how well organizations understood and managed risk associated with their third-party partners. 301 IT and cybersecurity decision-makers and influencers participated in the survey. They were asked about their concerns and challenges when managing certain risks, and how this has impacted the security incidents related to their third-party partners. Sandeep shares that the overall findings of the survey were:


  • Third-party relationships continue to expand exponentially; 
  • Companies continue to seek outsourced services and software in order to perform optimally and to replace talent and supply sources due to the pandemic;
  • The majority of respondents have experienced an IT security incident over the last two years because of a third-party relationship. 

The Gathering Storm

Tom asks Sandeep to explain the concept of “the gathering storm” and the technological solution ProcessUnity provides to help navigate it. Sandeep explains that the term refers to a supply chain attack executed by “close third-party relationships that have either physical or network access to equipment and premises and those that provide software vital to a business’ operation.” Sandeep then warns that companies should vet these third parties since their role is so important. Most companies, however, would rather focus on their core businesses; they feel it doesn't make economic sense for them to do everything themselves, and third parties provide the types of talent they need to properly conduct their business. Sandeep comments that “companies can outsource the work which is an imperative for them, but they can’t outsource the risk”. To manage your third parties, you must have multiple in-house and external methods to vet them, including questionnaires or assessments. You have to get to know your partners because they have the most risk attached to them.



Resources

Sandeep Bhide | LinkedIn | ProcessUnity
