Third-Party Risk Management (TPRM) – Alla Valente – BH20 #3
A firm’s network of third-party relationships can be a source of strength and an Achille’s heel, depending on the maturity of their risk management process. Companies have limited or no control over how third-parties secure their technology infrastructure, their applications, and their data, yet they're on the hook for breaches, cybersecurity incidents, and regulatory fines incurred.
Guest
Alla is a senior analyst at Forrester serving security and risk professionals. She covers governance, risk, and compliance (GRC), third-party risk management (TPRM), contract lifecycle management (CLM), and supply chain risk with a special focus on risk management frameworks. In this role, Alla helps Forrester clients establish strategy, adopt best practices, define a governance framework, and select technology to manage risk, improve business resilience, and strategic value-add. Her research also includes ethics and trust in digital transformation, enterprise risk management (ERM), and protecting the organization’s brand.