Leading international charity – The Salvation Army have recognised for some time the importance of not only managing direct organisational risk, but also indirect risk which their third-party supply chain can present.
The Salvation Army Information Security team were clearly aware that combating 3rd party cyber security risk and managing data protection was an on-going process and that existing in house practices and solutions must regularly be reviewed and constantly evolve to ensure maximum protection at minimum cost and effort. Internal historic practices, although still effective, were consuming more time, incurring more effort and increasing costs. Married with ensuring compliance against new legislation such as GDPR, it was recognised that change was required.
With that in mind CEO Miguel Fallios turned to RiskXchange from Northdoor.
Fallios recognised that RiskXchange provided a simple, automated and centralised risk management solution that would enable his organisation to better manage their own cyber risk score as well as ensuring their suppliers and third-party partners met their GDPR requirements. A stand out solution feature for the charity was the ability to automate the 3rd party supply chain cyber security risk management process.
Following a short and successful implementation, RiskXchange provides reassurance to the Information Security team that third-party cyber security risk is being minimised via a continual and automated assessment process, rather than a traditional ‘point in time’ view. In addition, the solution has helped to streamline the risk management process, saving valuable time and money which the organisation can re-invest into its core objective, helping people in need.
Miguel Fiallos, CIO of the Salvation Army, said:
“We are thrilled with the RiskXchange solution that has been provided to us by Northdoor. Ensuring that our third-party supply chain is secure is of paramount importance to us and whereas it used to take weeks and in some cases months to complete lengthy third-party vendor assessments, it now takes us hours. Northdoor has helped us to streamline the process, saving valuable time and money, which we can re-invest into helping people in need.
The Automated Security Ratings and Assessments solution that RiskXchange provides helps us facilitate sometimes tricky security analysis with our suppliers, making it an integral part of our vendor risk management program,”