Best Practices for Third Party Collaboration

One of the main components of a successful third party risk management (TPRM) program is strong collaboration between a company and its vendors, subsidiaries, partners, etc.

As you work with your third parties while sharing visibility of their cybersecurity postures, potential risks, and compromising events, your organization can start to benefit from reduced aggregate risk across your ecosystem. Here are some of the best practices to efficiently and effectively collaborate with third parties:

• Take Advantage of the Client/Vendor Access Program
• Provide Actionable Supporting Data
• Maintain Communication
• Leverage Bitsight and the Bitsight Customer Success Team

Take Advantage of the Client/Vendor Access Program

Customers that are monitoring their third parties can invite and collaborate via the Client/Vendor Access Program, at no cost. Collaboration doesn’t need to wait until something bad happens – early collaboration in a third party relationship can help set expectations, mitigate risk, and reinforce good behavior right from the start.

Provide Actionable Supporting Data

Context is key. Specify concerning items, such as findings, the reason for the invitation, risk vectors, etc. as a place to start in your collaboration. Be sure to include a personalized message.

Direct their focus and efforts so they can respond with the information you care about most in a targeted way. Additionally, having a direct conversation via email is a great way to convey your expectations.

Maintain Communication

A TPRM program can be most successful when there’s open communication throughout the recipient company’s life cycle. Here are some ways to make sure that happens:

• Let your third parties know early-on that you’re using the Bitsight platform to monitor their cybersecurity posture.
• Talk to the recipient ahead of time to make sure you reach the appropriate collaboration contact who’ll be able to address your questions, concerns, and effectively manage your security expectations. If the account manager can’t remediate cybersecurity issues on their own, they should be able to direct you to someone in their organization who can.
• Follow-up to make sure they’re taking advantage of all the features of the Client/Vendor Access Program and are also communicating with the Bitsight Customer Success team to get all the information and support they need.

Leverage Bitsight and the Bitsight Customer Success Team

The Bitsight Customer Success team can play an integral role in facilitating collaboration between you and your third parties. We’re happy to help your third party understand Bitsight Security Ratings and how to use the Bitsight platform right away.

Other resources:

• The Bitsight Knowledge Base
• Bitsight Academy