Marc Etienne Cortesi

What Third-Party Cyber Risk Management can learn from established security functions

5 October 2025

In today’s interconnected economy, an organization’s resilience depends not only on its own security posture but on the strength of its extended ecosystem. While third-party cyber risk management (TPCRM) is evolving, physical and supply chain security have long established mature frameworks. The question is: What can TPCRM learn from them?

SOLUTIONS

Governance, Risk & Compliance (GRC)

Contract Lifecycle Management (CLM)

Business Process Modelling (BPM)

Integrated GRC Solutions

Manage contracts securely and minimise risks

StorIT and Swiss GRC join forces to deliver GRC solutions across MENA

Technology Partners

Identify, model and continuously optimize processes

PLATFORM CAPABILITIES

Fundamentals

Third-Party Intelligence

Standards & Regulations

Platform Community

AI Assistant

AI Assistant

Configurability

Deployment

Security & Compliance

Partner Portal

Media Search Screening

Sanctions Screening

Media Search Screening

Speech & Voice Analytics

Risk Spillover

Dynamic Profiling

Ratings

Supported standards and regulations

ISO 31000 / COSO

DORA

ISO 27001

NIS2

NIST

GDPR

BSI IT-Grundschutz

PCI-DSS

StorIT and Swiss GRC join forces to deliver GRC solutions across MENA

Technology Partners

Cutting-edge and diverse topics on governance, risk and compliance at SWISS GRC DAY 2025. Read the review!

Author: Marc Etienne Cortesi

What Third-Party Cyber Risk Management can learn from established security functions

Standards & Regulations

Company

Standards &
Regulations