Category Archives: Vendor Risk Management

VRM and Regulations

VRM is becoming a more widespread nowadays, and more and more organizations realize the importance of conducting proper vendor verification process to reduce cyber risk. This awareness is a result of high-profile incidents (such as Target and Lockheed Martin) but also of intimate knowledge of the risk. At a recent survey, two-thirds of respondents reported […]

You can have your cake and eat it (too)

It’s always nice to see something you are building grows and becomes a core key component in your customer’s experience. This time we’re talking about Findings Notification system, which delivers events to your (and your supply chain’s) mail box, facilitates streamlined collaboration and process management. The challenge with scalable notification engines is to balance between […]

Considerations For Evaluating Vendor Risk Management Solutions

The Vendor Risk Management (VRM) space has quickly become a hot topic this year.  It seems like everywhere you turn, new companies offering VRM solutions are popping up.  As we’ve seen with other markets in security, most vendors in the space use the same marketing buzzwords.  Each vendor seems to claim that it provides all […]

Welcome to Findings Blog

Third Party Risk – also known as supply-chain security or VRM (Vendor Risk Management)is rapidly evolving to be one of the highest priority items within each and every security organization. VRM has unique challenges, however, as it combines multidisciplinary data protection and privacy aspects, alongside regulatory implications and the need to operate at scale. Implementing an […]

Supply Chain Integrity Month

April brings us spring weather, tax filing deadlines, and also supply chain integrity month.     US-CERT is helping to call attention to an important risk that all organizations face.  Per the US-CERT posting (https://www.us-cert.gov/ncas/current-activity/2019/04/01/Supply-Chain-Integrity-Month):   “ The Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the […]