{"id":71700,"date":"2023-09-01T14:30:02","date_gmt":"2023-09-01T06:30:02","guid":{"rendered":"https:\/\/version-2.com\/?p=71700"},"modified":"2023-08-25T14:34:30","modified_gmt":"2023-08-25T06:34:30","slug":"minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2023\/09\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\/","title":{"rendered":"Minimizing external risks: a step-by-step guide to third-party risk assessment"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"71700\" class=\"elementor elementor-71700\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"828\" height=\"473\" \/><\/p><article class=\"RichText_root__1_CNu BlogPostContent_richText__rG0U1\"><h2 id=\"what-is-a-thirdparty-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">What is a third-party risk assessment?\u00a0<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third-party risk assessments consider supply chain<b> risks associated with third parties<\/b>. They cut external risks while onboarding third parties to support business processes.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Any third party can introduce supply chain risks. This makes<\/b> company assets and systems more vulnerable. Integrating third-party risk assessments into your risk management strategy is essential.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This article will explain why third-party risk assessments matter. And we will provide a simple, practical guide to assessing suppliers.<\/p><h2 id=\"key-takeaways\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Key takeaways<\/h2><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third-party risk assessment is a critical part of general risk management. <b>Companies should carry out risk assessments for all external partners. <\/b>Risk assessments protect sensitive data. They cut operational disruption. And they ensure that third-party relationships are compliant.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Due diligence is essential when assessing third-party risks. <b>Risk assessments should include comprehensive evaluations of external suppliers<\/b>. Critical areas include data security, geographical location, compliance history, and incident recovery processes.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Assessors should<b> grade third parties. Assessments should focus on operational importance and the ability to access sensitive data.<\/b> Concentrate on partners with the capacity to compromise security or damage internal systems.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Third-party risk management is a continuous process<\/b>. Companies should update risk assessments and check that they cover relevant risks.<\/p><\/li><\/ul><h2 id=\"what-is-a-third-party\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">What is a third party?<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">A third party is <b>an external agent that contracts with another company to supply goods or services<\/b>. Many companies rely on third parties. External partners support their work and make operational savings. Sometimes, companies rely on thousands of external partners. Common examples include:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Professional office services<\/b>.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Marketing partners<\/b>.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Call centers and customer support<\/b> <b>services.<\/b><\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Freelancers <\/b>like coders, secretarial support staff, technicians, writers, videographers, and corporate trainers.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Financial support.<\/b> Includes accountants and partners for storing financial and customer data.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Cloud service providers<\/b><\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Security vendors<\/b><\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Travel and employee services<\/b><\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>ISPs<\/b>.<\/p><\/li><\/ul><h2 id=\"importance-of-thirdparty-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Importance of third-party risk assessment<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Companies should never cut corners when assessing external partners<\/b>. There are many reasons to implement a comprehensive third-party risk management strategy.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Meeting regulatory requirements<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Many data security regulations demand third-party risk assessments<\/b>. Regulations with third-party requirements include:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">European Union\u2019s General Data Protection Regulation (GDPR)<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Payment Credit Industry Data Security Standards (PCI-DSS)<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The Health Insurance Portability and Accountability Act (HIPAA) Companies that assess third parties will <b>strengthen compliance. And they will reduce their exposure to regulatory risks<\/b>.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Certainty about cybersecurity risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Most third-party vendors introduce cybersecurity risks. Comprehensive third-party risk assessments provide information about the cybersecurity practices of external partners. They allow <b>companies to choose secure partners.<\/b> Risk assessments also help companies improve general cybersecurity. They can put in place appropriate internal security controls that manage critical risks.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Avoiding reputational damage<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Customers trust companies with a commitment to security and transparency. Organizations that lose data or suffer regular downtime due to poor security struggle. A third-party risk assessment <b>filters out partners with poor operational or security records<\/b>. Screening partners improves the customer experience. It guards against attacks that ruin corporate reputations.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Financial protection<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Supply chain attacks are a common source of data breaches and malware infections. And <b>cyber-attacks can have a devastating impact on your corporate bottom line.<\/b> Data breaches cost money to compensate customers. Companies must pay regulatory fines, and invest in updated security technology. And you can prevent these costs by risk-assessing every third-party relationship.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Strategic efficiency<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Robust vendor management allows companies to move forward<\/b>. With dependable long-term partners in place, organizations can plan their mid-range goals. There should be no need to swap partners every six months.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Solid risk assessment processes lead to long-term relationships<\/b>. And these relationships are the basis for an effective corporate strategy.<\/p><h2 id=\"thirdparty-risk-types\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Third-party risk types<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Dividing risk allows assessors to generate more precise outcomes. It also gives managers a fuller picture of risks that each third party poses. Critical types of third-party risk include:<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Cybersecurity risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third-party vendors often have access to internal networks and customer data. <b>Partners with network access could expose your company to cybersecurity risks<\/b>. A supplier risk assessment must establish which cybersecurity risks apply. It must also suggest appropriate action.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">For example, you might use a third-party Customer Relationship Management (CRM) system. This supplier could pose an information security risk. The third party could expose customer data through poor cybersecurity controls.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Operational risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Operational risks threaten <b>everyday company operations<\/b>. This category includes business continuity threats to network infrastructure and applications. But operational risks also cover the physical integrity of office spaces. And they include the ability of remote workers to connect. Third parties can also pose operational risks when their systems or products fail.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Compliance risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third parties pose a compliance or regulatory risk. This happens <b>when their products or services breach regulatory rules.<\/b> For example, HIPAA demands tight information security and privacy for patient records. But an email filtering service with poor security controls could put this data at risk. Risk assessors should consider every relevant regulation when analyzing potential suppliers.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Financial risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Financial risk or organizational risk affects <b>revenues and profits<\/b>. Third-party relationships often help companies become more efficient. But the failure of vendor-supplied solutions can harm your finances. Vendor failure may immobilize payment portals. Or it could leave employees without access to critical resources. Vendors can also go out of business, leaving partners in limbo.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">Strategic risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Strategic risks refer to <b>long-term effects on how a company operates<\/b>. Third-party relationships should be durable. But supplier quality can decrease. Security practices can lapse, or partners may stop operations. Companies<b> must consider business strategy 2 or 3 years into the future<\/b>. Will third parties still be reliable partners?<\/p><h2 id=\"consequences-of-neglecting-thirdparty-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Consequences of neglecting third-party risk assessment<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">What happens if you fail to assess third-party risks properly? In reality, the consequences can be damaging. Common results include:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Regulatory breaches and penalties<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Lost customer trust and market share<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Increased downtime and network integrity<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Escalating cyber-attacks and security costs<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Loss of strategic control with constant changes in supplier arrangements<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Poor relationships with third parties as disagreements mount<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Inflexible supplier management if risk assessments are not updated<\/p><\/li><\/ul><div class=\"InlineRelatedArticles_root__QJQs_\"><div class=\"InlineRelatedArticles_itemContainer__LwAeZ\"><div class=\"BlogGridItem_imageContainer__a_Mw2\"><img decoding=\"async\" class=\"Image_autoHeight__eDTAt Image_autoWidth__spy21 BlogGridItem_image__8jQZn\" style=\"color: transparent;\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp\" sizes=\"(max-width: 1280px) 100vw, 50vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=384&amp;q=75&amp;fit=fill&amp;fm=webp 384w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=600&amp;q=75&amp;fit=fill&amp;fm=webp 600w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=640&amp;q=75&amp;fit=fill&amp;fm=webp 640w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=750&amp;q=75&amp;fit=fill&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp 828w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/2vmAPUjVBHOpJGQb7IwjeT\/bd55eed67e7094f1bef417f6dee2c5cf\/Case-Study_Board-of-innovation_cover_web_1400x800.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp 1280w\" alt=\"Case-Study Board-of-innovation\" width=\"0\" height=\"0\" data-nimg=\"future\" \/><\/div><\/div><\/div><h2 id=\"steps-to-conduct-a-thirdparty-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Steps to conduct a third-party risk assessment<img decoding=\"async\" class=\"Image_autoHeight__eDTAt Image_autoWidth__spy21 RichText_image__z9xEG\" style=\"color: transparent;\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp\" sizes=\"(max-width: 1280px) 100vw, 50vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=384&amp;q=75&amp;fit=fill&amp;fm=webp 384w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=600&amp;q=75&amp;fit=fill&amp;fm=webp 600w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=640&amp;q=75&amp;fit=fill&amp;fm=webp 640w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=750&amp;q=75&amp;fit=fill&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp 828w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp 1280w\" alt=\"1 steps for risk assessment 1400x915\" width=\"0\" height=\"0\" data-nimg=\"future\" \/><\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Assessments must be comprehensive. And they should focus on risks that matter. Vendor risk assessments that consider outdated or irrelevant issues are useless. So how can you carry out effective supplier assessments?<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">1. Decide the scope of the risk assessment<\/h3><p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/4Hs3SIjqrqX2RfneBc3aPZ\/d469b1978236cbf0f8983333147b98c9\/1_1400x915.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"828\" height=\"541\" \/><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Start by <b>creating a risk assessment team<\/b>. Bring in expertise from different areas of the company. Broader expertise will help identify relevant risks that compliance teams might miss. Executive support is also critical to managing third-party risk across the enterprise.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Determine what forms an acceptable level of risk<\/b>. Some third-party risk is unavoidable. Assessment teams should be clear about identifying risks that need action and monitoring.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">2. Document third parties and identify critical risks<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The second step in the assessment process is <b>inventorying current third parties<\/b>. Document all partners and create separate vendor risk assessments for each one.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Next, decide which risks apply to each supplier. The following questions are helpful when understanding vendor risk levels:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Does the supplier have access to internal networks and company data?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Are there specific regulatory risks associated with the supplier? For example, HIPAA compliance.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">What security controls against cybersecurity threats does the third party operate?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Does the supplier have an incident response plan and a risk management program?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">What certifications does the supplier have?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">What is the security record of the third party? Have they been subject to regulatory intervention?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Where is the third party located? Does location matter?<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Are business partners likely to subcontract operations to other vendors?<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">At this stage, you may need to <b>request information from third parties<\/b>. Create a risk assessment form for suppliers that covers relevant areas. Or request information about security certifications if this is available.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">3. Classify risks on a third-party risk matrix<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The next stage involves assessing the severity of each vendor risk. The best way to do this is by using a matrix to generate risk scores.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">A risk matrix generally includes two axes with five entries on each axis:<\/p><ul class=\"RichText_ul__Ajzbe\"><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The X-axis grades the \u201cimpact\u201d of an event and runs from \u201cnegligible\u201d to \u201ccatastrophic\u201d. Scores double from left to right.<\/p><\/li><li class=\"RichText_listItem__DIiAr\"><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">The Y-axis assesses the likelihood of the event occurring. It runs from \u201cextremely unlikely\u201d to \u201cextremely likely.\u201d Again, scores double from bottom to top.<\/p><\/li><\/ul><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Scores rise as events become more likely and severe. For example, a CRM provider might steal customer data to sell on the Dark Web. We would classs this risk as \u201cunlikely\u201d. But the consequences would be \u201csevere\u201d giving it a score of eight.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">In another scenario a supplier fails to meet GDPR privacy standards. This would have a different score. In that case, the likelihood might be \u201clikely\u201d and the impact \u201cmajor.\u201d This results in a score of 12.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">This system makes it easy to <b>focus on the most urgent risks<\/b>. And it also makes it easier to revisit risk assessments during risk audits.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">4. Select third-party suppliers<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Use risk classifications to grade potential or existing suppliers. Choose third parties that provide services according to your company strategy. But only <b>pick partners with solid risk management practices.<\/b><\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">With a robust risk assessment in place, you should be able to choose reliable and secure partners. Security teams will also know <b>how to put in place controls to mitigate third-party risks<\/b>.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">5. Put in place continuous risk assessment<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Risk assessment does not end when controls and smooth relationships are in place. <b>Third-party risk assessment is a continuous process<\/b>.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Revisit each third-party assessment on at least an annual basis. Check that the initial process identified critical risks. And make adjustments to reflect changes in the risk environment. For example, a supplier may have suffered a data breach. Or they may have started subcontracting services. Both changes could affect the supplier\u2019s risk score.<\/p><h2 id=\"best-practices-for-thirdparty-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">Best practices for third-party risk assessment<\/h2><h2 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\" width=\"828\" height=\"550\" \/><img loading=\"lazy\" decoding=\"async\" class=\"Image_autoHeight__eDTAt Image_autoWidth__spy21 RichText_image__z9xEG\" style=\"color: transparent;\" src=\"https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp\" sizes=\"(max-width: 1280px) 100vw, 50vw\" srcset=\"https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=384&amp;q=75&amp;fit=fill&amp;fm=webp 384w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=600&amp;q=75&amp;fit=fill&amp;fm=webp 600w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=640&amp;q=75&amp;fit=fill&amp;fm=webp 640w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=750&amp;q=75&amp;fit=fill&amp;fm=webp 750w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp 828w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=1080&amp;q=75&amp;fit=fill&amp;fm=webp 1080w, https:\/\/images.ctfassets.net\/5natoedl294r\/36GWGNZYChmkUJ3ZgdtKj2\/218c3c9d2d6a98aafd82fa5651f6b376\/2_1400x930.png?w=1280&amp;q=75&amp;fit=fill&amp;fm=webp 1280w\" alt=\"2 best practices for risk assessment 1400x930\" width=\"0\" height=\"0\" data-nimg=\"future\" \/><\/h2><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">1. Standardize risk assessments with a consistent template<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third-party risk assessments should be comparable. Companies must assess many suppliers. And they need the ability to pick a partner that meets their risk requirements.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><b>Create standard risk assessment and questionnaire templates for each supplier.<\/b> Document risk assessments. Create a risk framework that enables informed decision-making when onboarding external partners.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">2. Understand the core risks your business faces<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Not all risks are equal. Focus on critical risks. These risks can damage your company\u2019s operational, compliance, and security posture.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Risks vary between sectors. Healthcare companies must follow HIPAA guidelines. Merchants need a robust PCI-DSS compliance framework. Select the risks that suit your business profile.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">3. Classify vendors according to their importance<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Vendors carry different amounts of risk. For instance, food delivery services are less critical than partners hosting financial data. <b>Clarify the most important external relationships<\/b>. Make them a priority when carrying out third-party risk management.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">4. Assign resources for third-party research<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Third-party risk assessments should <b>identify the strengths and weaknesses of suppliers<\/b>. Research vendor security processes, compliance histories, and client support services.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">5. Build risk into watertight vendor contracts<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Risk assessments should feed into third-party contracts or Business Associate agreements. <b>Make sure contracts include core compliance requirements.<\/b> State areas of responsibility for external partners. Track contracts as part of ongoing vendor risk assessment.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">6. Schedule risk audits for all suppliers<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Risk assessments should be dynamic. <b>Revisit each supplier assessment annually and check that previous risk classifications remain relevant<\/b>. Assess data security issues, including any data breaches. Ensure suppliers are compliant with any new regulations. And assess new risks that arise as regulations change.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">7. Focus on disaster recovery<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">When assessing third parties, always r<b>equest information about their incident recovery processes.<\/b> Find partners that cut downtime and restore services without compromising security.<\/p><h3 class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h3__gewqv\" data-testid=\"heading\">8. Always have a vendor exit strategy<\/h3><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Onboarding vendors is only half the challenge. <b>Companies should always change suppliers that fail to meet risk-based requirements<\/b>. Set a minimum service level and include this in vendor contracts. And enforce this policy to avoid using non-compliant partners.<\/p><h2 id=\"how-can-nordlayer-help\" class=\"Heading_root__vbfeI Heading_heading20__p7mXS Heading_primary__3VZgz Heading_normal__hJuNy RichText_h2__2iijA\" data-testid=\"heading\">How can NordLayer help?<\/h2><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">NordLayer&#8217;s security products will help you manage supply chain risk<b>. IP allowlisting<\/b> enables access for legitimate partners but blocks unknown identities. Users can apply <b>multi-factor authentication<\/b> (MFA). This ensures that internal employees and third parties verify their identities.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"\/features\/network-segmentation\"><b>Network segmentation<\/b><\/a> also allows organizations to protect confidential data and critical applications. Attackers targeting your supply chain may manage to gain network access. But NordLayer&#8217;s micro-segmentation tools restrict their ability to move between assets. As a result, the scope to extract data and damage systems is much lower.<\/p><p class=\"Text_text__rSWMU RichText_paragraph__DNqK4 Text_body50___cwDR\" data-testid=\"text\">Create a risk management program that minimizes external risks.<a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 Hyperlink_link__umZi8\" href=\"\/contact-sales\"> Contact us today<\/a>. Explore how NordLayer&#8217;s solutions can supplement your vendor risk management strategy.<\/p><\/article>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2004c86 elementor-widget elementor-widget-shortcode\" data-id=\"2004c86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63561\" class=\"elementor elementor-63561\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1b6aa2c4 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1b6aa2c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1b283ee5\" data-id=\"1b283ee5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e466f1a elementor-widget elementor-widget-text-editor\" data-id=\"4e466f1a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>What is a third-party risk assessment?\u00a0 Third-party ris [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1075,1130,973,61],"tags":[974,1076,1132],"class_list":["post-71700","post","type-post","status-publish","format-standard","hentry","category-year2023","category-nordlayer","category-nord-security","category-press-release","tag-nord-security","tag-1076","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2\" \/>\n<meta property=\"og:description\" content=\"What is a third-party risk assessment?\u00a0 Third-party ris [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-01T06:30:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/09\\\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Minimizing external risks: a step-by-step guide to third-party risk assessment\",\"datePublished\":\"2023-09-01T06:30:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/09\\\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\\\/\"},\"wordCount\":2068,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/3L4DPuQz5HNrZU8bcFLK5c\\\/f20555b0c4b580291bb9b3122a7a1cf8\\\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\",\"keywords\":[\"Nord Security\",\"2023\",\"NordLayer\"],\"articleSection\":[\"2023\",\"NordLayer\",\"Nord Security\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2023\\\/09\\\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment\",\"name\":\"Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/3L4DPuQz5HNrZU8bcFLK5c\\\/f20555b0c4b580291bb9b3122a7a1cf8\\\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\",\"datePublished\":\"2023-09-01T06:30:02+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#primaryimage\",\"url\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/3L4DPuQz5HNrZU8bcFLK5c\\\/f20555b0c4b580291bb9b3122a7a1cf8\\\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\",\"contentUrl\":\"https:\\\/\\\/images.ctfassets.net\\\/5natoedl294r\\\/3L4DPuQz5HNrZU8bcFLK5c\\\/f20555b0c4b580291bb9b3122a7a1cf8\\\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/third-party-risk-assessment#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Minimizing external risks: a step-by-step guide to third-party risk assessment\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment","og_locale":"zh_HK","og_type":"article","og_title":"Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2","og_description":"What is a third-party risk assessment?\u00a0 Third-party ris [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment","og_site_name":"Version 2","article_published_time":"2023-09-01T06:30:02+00:00","og_image":[{"url":"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"12 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#article","isPartOf":{"@id":"https:\/\/version-2.com\/2023\/09\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Minimizing external risks: a step-by-step guide to third-party risk assessment","datePublished":"2023-09-01T06:30:02+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2023\/09\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\/"},"wordCount":2068,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp","keywords":["Nord Security","2023","NordLayer"],"articleSection":["2023","NordLayer","Nord Security","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2023\/09\/minimizing-external-risks-a-step-by-step-guide-to-third-party-risk-assessment\/","url":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment","name":"Minimizing external risks: a step-by-step guide to third-party risk assessment - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#primaryimage"},"thumbnailUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp","datePublished":"2023-09-01T06:30:02+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/third-party-risk-assessment"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#primaryimage","url":"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp","contentUrl":"https:\/\/images.ctfassets.net\/5natoedl294r\/3L4DPuQz5HNrZU8bcFLK5c\/f20555b0c4b580291bb9b3122a7a1cf8\/Third-party_risk_assessment_web_1400x800.png?w=828&amp;q=75&amp;fit=fill&amp;fm=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/third-party-risk-assessment#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Minimizing external risks: a step-by-step guide to third-party risk assessment"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-iEs","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/71700","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=71700"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/71700\/revisions"}],"predecessor-version":[{"id":71704,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/71700\/revisions\/71704"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=71700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=71700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=71700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}