Statements (61)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Risk Management Process
|
| gptkbp:address |
Cybersecurity risks
Compliance risks Financial risks Operational risks Reputational risks |
| gptkbp:alsoKnownAs |
gptkb:TPRM
|
| gptkbp:appliesTo |
Organizations using third-party services
|
| gptkbp:focusesOn |
Managing risks from external vendors
|
| gptkbp:goal |
Reduce risk from third-party relationships
|
| https://www.w3.org/2000/01/rdf-schema#label |
Third Party Risk Management
|
| gptkbp:includes |
Contract management
Performance monitoring Risk mitigation Due diligence Ongoing monitoring Vendor risk assessment |
| gptkbp:involves |
Reporting
Continuous monitoring Risk scoring Contractual controls Document review Onsite assessments Remediation planning Risk assessment questionnaires Termination procedures Vendor classification |
| gptkbp:regulates |
gptkb:HIPAA
gptkb:PCI_DSS gptkb:SOX gptkb:NIST_SP_800-53 gptkb:ISO_27001 gptkb:CCPA gptkb:GDPR FFIEC guidelines OCC guidelines |
| gptkbp:relatedTo |
gptkb:audit
Compliance management Outsourcing Contract management Procurement Business continuity Information security Data privacy Supply chain risk management Vendor management Enterprise risk management |
| gptkbp:supportedBy |
Consulting firms
GRC platforms Industry frameworks TPRM software |
| gptkbp:usedBy |
Government agencies
Financial institutions Healthcare organizations Technology companies Large enterprises Manufacturing companies Retail companies Energy companies |
| gptkbp:bfsParent |
gptkb:TPRM
|
| gptkbp:bfsLayer |
7
|