Blog

Third Party Risk Management Conference

Phinity Risk Solutions, in partnership with Mobius, will be speaking at the first Third Party Risk Management Conference in South Africa. Come and join us as we share our gained insights into managing third-party risks. We will provide our view on how best to approach this complex process and how to get the best results. […]


Who Cares About Third Party Risk Management?

Your board of directors, the group risk officer, and those responsible for information privacy governance. And anyone within a multinational organisation involved in manufacturing, retail, education and financial services. In your organisation, can you honestly answer yes to the following? Are all your third-party risks being considered in the organisation’s overall approach to enterprise risk […]


Is risk ownership aligned to the board of directors?

Providing risk management with a dedicated home at board level allows for the clearer oversight and accountability of management and processes. In turn, this ensures sound governance practices and a focus on transforming risk management into a centre of excellence. The board of directors is where the risk “buck stops”. After all, this is the […]


Application Attack Surface

When assessing application risk, many organisations focus on the obvious: the software that they already know. They then proceed to overlook the full inventory of applications and code when reviewing digital assets. These ‘known’ applications typically have a high brand value or financial value, carry compliance requirements, or have been linked to previous breaches. The […]


What is DevSecOps?

What is DevSecOps? The term “DevSecOps” places information security into the original operating model of “DevOps”. DevOps itself refers to the collaborative operating team of software developers and IT operations staff. DevOps is common practice the world over. The trouble, though, is that it was built for agility, speed and reliability – not security. And […]


Third Party Risk Management Software for the Financial Sector

Regulators the world over are now holding financial institutions responsible for the actions of their third parties — thanks largely to the 2008 financial crisis and several high-profile attacks that leveraged third parties’ information security weaknesses. As a result, the financial services sector now requires strong third party risk management. The governance, compliance and regulatory […]


Third Party Risk Management Silver Lining is Industry Self-Regulation

In today’s business environment it’s impossible to find a company that doesn’t contract with a third-party vendor to provide services. However, the convenience, flexibility and opportunities of outsourcing to third parties comes with significant risks. The risks vary from industry to industry, the common threats being regulatory and the impact of a potential third-party vendor […]


THIRD PARTY RISK MANAGEMENT A KEY GLOBAL PRIVACY COMPLIANCE REQUIREMENT

Background to current privacy challenges Organisations that collect and process personal information are faced with increasing Privacy compliance challenges, especially where their operations span multiple geographic regions. This, paired with a growing reliance on external service providers to support core business operations, creates complex Privacy compliance challenges. Some Privacy models are more comprehensive than others, […]


ISACA Max Blecher Innovation Award Winner: Triplicity

Congratulations to Patrick Ryan, the Managing Director of Mobius Services (Pty) Ltd & Phinity Risk Solutions, for winning the award. Under Patrick’s direction, Mobius developed a Third Party Risk Management (TPRM) methodology in 2015, to assist clients in managing their third party risks. Previously, in assisting several organisations to implement their own programmes, Patrick had […]


Bitnami