SAI360 Logo

Third-Party and Vendor Risk News

PowerSchool Data Breach: Lessons for GRC Leaders about the Newest Third-Party Risks

The PowerSchool data breach has become a defining example of third-party risk failure in education and EdTech. It's a harsh wake-up call for ethics, Governance, Risk, and Compliance (GRC) teams. What Caused This Data Breach? On December 28, 2024, PowerSchool confirmed a compromised credential had been used to access its PowerSource customer portal—a system that supports school staff across 17,000 districts and serves over 55 ...

By |2025-05-08T12:18:20+00:00May 8th, 2025|Governance, Risk & Compliance: GRC, Third-Party and Vendor Risk|
Read More

Third-Party Risk Management for Stronger Compliance Security

Third-party risk management software introduces significant risks. If business operations are a house, vendors and third-party providers are the bricks holding it up. Exposing your valuable and highly confidential information to another company ups the ante for everything from cybersecurity threats to regulatory violations to operational disruptions and reputational damage. Done wrong, everything comes crashing down to the ground. When information is no longer in ...

By |2025-05-06T19:58:37+00:00March 12th, 2025|Governance, Risk & Compliance: GRC, Third-Party and Vendor Risk|
Read More

Why Your Business Needs Third-Party Compliance Training

Third-party compliance training (or a lack of) has been hitting the mainstream media headlines, given our increasingly interconnected world. Case in point? When Equifax experienced one of the largest data breaches in history, it wasn’t their own security systems that failed—it was a vulnerability in a third-party software vendor¹. The result? Personal data for nearly 150 million people was exposed, leading to a $425 million ...

By |2025-04-28T03:07:13+00:00March 2nd, 2025|Ethics & Compliance Learning, Third-Party and Vendor Risk|
Read More

Holiday Cheer or Ethical Fear? How to Manage Corporate Gift-Giving

Corporate gift-giving can spark compliance challenges if not done ethically. Corporate policies must consider variables, such as: What kind of gift? What is its value? What are the cultural expectations around this gift? What is the context in which the gift is exchanged? Can this gift be considered a bribe? Has it been gifted to carry a weight of expectation? Or is it merely a ...

By |2025-04-28T03:03:49+00:00December 16th, 2024|Code of Conduct, Ethics & Compliance Learning, Governance, Risk & Compliance: GRC, Third-Party and Vendor Risk|
Read More

The German Supply Chain Act

Building your data-driven approach to risk analysis As of January 1, 2024, the German Supply Chain Act (LKSG) governed by the Federal Office for Economic Affairs and Export Control mandates that companies in Germany with over 1,000 employees comply with obligations aimed at ensuring responsible supply chain management. With more organisations than ever feeling the pressure, leveraging data is the greatest way to identify, assess ...

By |2025-05-14T14:29:36+00:00August 16th, 2024|Compliance, Governance, Risk & Compliance: GRC, Integrated GRC, Third-Party and Vendor Risk|
Read More

Practical Strategies for Managing Your Third-Party Vendor Risk

In today's business landscape, companies rely on a network of vendors to deliver essential services. This dependence on third-party service providers spans various industries, including finance. Outsourcing tasks to these providers allows firms to leverage specialized skills, cutting-edge technologies, and gain operational efficiencies. However, with this reliance comes increased risk. Adversaries are targeting easier pathways into organizations, often exploiting vulnerabilities in third-party relationships. As businesses ...

By |2025-05-06T18:15:06+00:00June 19th, 2024|Governance, Risk & Compliance: GRC, Third-Party and Vendor Risk|
Read More

How to Prepare for the German Corporate Due Diligence Obligations in Supply Chains Act

As global supply chains become increasingly scrutinized, understanding and meeting the German Corporate Due Diligence Obligations in Supply Chains act (CDDOSC) is more critical than ever. By complying, businesses not only adhere to legal requirements, but also build a resilient, ethical, and competitive presence in the global market. In this eBook we break down how organizations operating in Germany should approach their responsibilities regarding human ...

By |2025-04-11T12:35:29+00:00May 22nd, 2024|Governance, Risk & Compliance: GRC, Integrated GRC, Regulatory Change, Third-Party and Vendor Risk|
Read More

The Modern Approach to Global Conflicts of Interest

With organizations always looking to scale, the interactions between staff, vendors, and deals become multifaceted. These interactions pose a significant risk due to potential unethical decision-making when conflicts of interest arise. To mitigate these risks, organizations are expected to have robust policies in place that cultivate trust and transparency for stakeholders. Failing to do so can have vast repercussions when it comes to reputation, integrity, ...

By |2025-04-11T12:37:58+00:00March 9th, 2024|Compliance, Financial Services GRC, Governance, Risk & Compliance: GRC, Healthcare GRC, Healthcare Revenue Integrity, Integrated GRC, Internal Controls, IT Risk & Cybersecurity, SAI360, Third-Party and Vendor Risk|
Read More

Watch our GRC Webinar: Benchmark Results and Best Practices

Your stakeholders are increasingly inquiring about what your organization is doing in terms of ESG, Ethics, Risk, Cybersecurity and Assurance. It is imperative to mature your GRC function and to truly understand what a mature GRC function looks like in terms of methodologies, ways of working, and level of integration between your second and third line of defense (compliance and risk). Register below to watch ...

By |2025-04-10T09:19:20+00:00March 8th, 2024|Business Continuity, Business Resilience, Compliance, Data Privacy & Protection, Financial Services GRC, Governance, Risk & Compliance: GRC, Healthcare GRC, Healthcare Revenue Integrity, Integrated GRC, Internal Controls, IT Risk & Cybersecurity, Regulatory Change, Third-Party and Vendor Risk|
Read More

Watch The Board Just Asked You “What’s our ESG Strategy?”…Now What? (Video)

In this webinar we discuss the fundamental steps you can take to implement an effective ESG program. Our speakers Jon Bricker from SAI360 and Kevin Sasser from Argos Risk discuss the following questions: How can professionals in the field of environmental and corporate governance effectively navigate their careers in the modern era of ESG? What strategies can be employed to shape the priorities of board ...

By |2023-11-16T14:43:43+00:00November 16th, 2023|Ethics & Compliance Learning, SAI360, Third-Party and Vendor Risk|
Read More

Solutions

Why SAI360

Resources

Company

G2 Badge

SAI360 logo

205 West Wacker Drive
Suite 1800
Chicago, IL 60606
(312) 546-4500

G2 Spring 2025 High Performer

SAI360 Logo

205 West Wacker Drive
Suite 1800
Chicago, IL 60606
(312) 546-4500

© Copyright | All rights reserved | SAI360 INC.

Trust & Security | Privacy Policy | Terms & Conditions | GDPR | Modern Slavery Statement