A new research by Mastercard Company RiskRecon and the Cyentia Institute explored the current state of third-party risk management (TPRM) programs and practices. Findings showed that TPRM professionals no longer see security questionnaires to provide sufficient information to understand and act on business’ third-party risk. The results of the survey of 154 TPRM professionals included findings such as that 79% of firms have a TPRM program with 84% of which use questionnaires for assessing vendor security risk. 81% of businesses report that at least 75% of their vendors claim perfect security compliance. However, only 14% say that they are highly confident that vendors actually perform the security requirements.
