63% of data breaches involve a third party relationship.

The General Data Protection Regulation – which took effect in May 2018 – may at first blush seem like “just another EU rule”. However, organizations – and specifically third party risk management teams within them – would take a “tick-box” approach to compliance at their peril.

In fact, the GDPR is such a significant new rule that any organization that does business with EU nationals and holds some form of personal data on them, should dedicate the the time and resources to take a more strategic approach to risk management and compliance. Compliance with this rule requires a strategic approach because:

  • It is an EU regulation, but with significant extraterritorial implications. For example, it effects data about EU citizens processed elsewhere around the world.
  • Organizations have significant new risk responsibilities regarding the third parties they engage, who work with impacted personal data.
  • The new rule has much more robust protections woven into it for privacy, data protection, and consent.
  • The rule requires data protection to now be built into new products, rather than tacked on as an afterthought.
  • New fines and sanctions built into the rule are much more severe than under the previous rule – and would apply in the global way in which the rule is written.

For more information about the Aravo solution for GDPR Third Party Risk Management, please contact us.

Aravo GDPR - Executive Briefing.


Related Content:

Award Report - Aravo for GDPR wins award for third party GDPR compliance application

Webinar: Aravo & Deloitte: GDPR Advisory Discussion and Product Solution

Expert Series Podcast - Session 1 - GDPR & Why Organizations Need To Be Thinking About Third Party Risk

Infographic - EU GDPR & Third Party Risk - 5 Steps You Can Take Today

White Paper - Cybersecurity and Vendor Risk. The Third-Party Risk Challenge is Here Now

White Paper - Cybersecurity Regulatory Radar: Five Top Trends in Cybersecurity Regulation

White Paper - SSC & Aravo -- Transforming Insights into Cyber Resilience via Technology Integration

Executive Exchange Series - The Business Case For Better Third Party Risk Management

Executive Download - Buyers Guide to Third Party Risk Management

Additional Resources


Receive An Application Demo - Aravo for GDPR