TPRM Terms

Question 1

Third Party

Answer 1

Broadly defined to include all entities that can or do provide products and/or services to an organization regardless as to whether a contract is in place or monies are exchanged. Such entities can include, but not be limited to: Affiliates, Subsidiaries, Consultants, Contractors, Sub Contractors, Vendors, Service and Solution Providers, Fourth parties, and more.
-All entities that can or do provide products and/or services to an organization regardless as to whether a contract is in place or monies are exchanged

Question 2

Third Party Risk

Answer 2

The possibility of an adverse impact on an organization’s data, financials, operations, reputation, or other business objectives, as a direct or indirect result of an organization’s third party.
-The possibility of an adverse impact on an organization’s data, financials, operations, reputation, or other business objectives, as a direct or indirect result of an organization’s third party.

Question 3

Risk Equation

Answer 3

Risk = Impact of Risk x Likelihood Risk Will Occur

Question 4

Control

Answer 4

A process and/or activity used to monitor, review, and/or address a specific risk.

Question 5

Third Party Risk Management (TPRM)

Answer 5

The framework that consists of policies and procedures, controls, and oversight; established to identify and address risks imposed upon an organization by their third parties.