Third-Party Risk Management (TPRM) – Alla Valente – BH20 #3
A firm’s network of third-party relationships can be a source of strength and an Achille’s heel, depending on the maturity of their risk management process. Companies have limited or no control over how third-parties secure their technology infrastructure, their applications, and their data, yet they're on the hook for breaches, cybersecurity incidents, and regulatory fines incurred.
Alla is a senior analyst at Forrester serving security and risk professionals. She covers governance, risk, and compliance (GRC), third-party risk management (TPRM), and supply chain risk management (SCRM). In this role, Alla helps Forrester clients establish strategy, adopt best practices, and select technology to manage risk, address key regulatory compliance issues, and improve business resilience. Her research also includes ethics and trust in digital transformation, RegTech, and protecting the organization’s brand.