Organizations spend inordinate amounts of money protecting fortresses but neglect the immediate risks posed by unfortunate partners. Organizations attempt to rein in third-party risk through on-site visits, security questionnaires, and intrusive, one-time audits. The key to managing partner risk is having truly verifiable evidence. The faster you are able to make an informed decision the more business value you can extract. The independent security risk evidence that is now available via technologies that span big data, threat intelligence, and governance, risk, and compliance systems can help organizations make smarter decisions.”]
Source: https://www.darkreading.com/attacks-breaches/new-approaches-to-vendor-risk-management