Search Results

When the CFO asks "How many active suppliers do we have?", and you get three different answers from Procurement, Accounts Payable, and Legal, you don't have a TPRM problem - you have a data architecture problem. This scenario plays out more often than most organizations care to admit. Third-party risk management programs invest heavily in assessment tools, monitoring platforms, and automation workflows. But underneath all that technology sits a foundation that's often fractured: the supplier data itself. Multiple systems. Duplicate records. Conflicting information. Outdated details. No single source of truth. The result? TPRM teams spend enormous effort not managing risk, but managing data chaos. And that chaos creates real exposure that no amount of sophisticated tooling can fix. The Symptom Everyone Recognizes Ask any TPRM practitioner what consumes their time, and you'll hear familiar complaints: "We discovered during an audit that the same supplier had three different risk tiers across our systems." "IT says a vendor has admin access to our environment, but Procurement has no contract on file for them." "Legal approved a supplier based on one set of financials, but Finance is seeing completely different numbers in their system." "We can't tell auditors when we last assessed a critical supplier because the records are scattered across email, SharePoint, and two legacy platforms." These aren't edge cases. They're symptoms of a structural issue that undermines every TPRM initiative: fragmented supplier information. Why Data Quality Breaks Down TPRM data quality problems don't happen because teams are careless. They happen because of how organizations evolve: Mergers and acquisitions bring together disparate systems, each with its own supplier database. Integration gets deprioritized, and suddenly the organization is operating with three "master" supplier lists. Departmental silos mean Procurement tracks suppliers in an ERP, Compliance uses a GRC platform, IT maintains a separate vendor access registry, and Finance works from Accounts Payable records. Each system becomes authoritative for its domain, but none owns the complete picture. Tool proliferation compounds the problem. Organizations add point solutions for vendor risk scoring, contract management, security assessments, and ESG tracking. Each creates its own data repository. Each requires manual updates. None integrate cleanly. Spreadsheet workarounds emerge when systems don't talk to each other. Teams build Excel-based "integration layers" to bridge gaps. These spreadsheets become critical infrastructure, despite being fragile, error-prone, and impossible to audit. The result is predictable: data decays. Supplier information becomes stale the moment it's entered, because there's no mechanism to keep it current across all the places it lives. The Hidden Costs of Bad Data Poor data quality isn't just an operational annoyance. It creates genuine risk and measurable cost: Failed audits and regulatory findings. When auditors ask for evidence of due diligence on critical suppliers, teams scramble to piece together documentation from multiple sources. Gaps appear. Inconsistencies raise questions. What should be a routine control verification becomes a finding. Duplicate assessments and supplier fatigue. Without a unified view, different teams send overlapping questionnaires to the same supplier. The supplier receives three security assessments, two financial reviews, and four ESG questionnaires in the same quarter - all asking similar questions. Response rates drop. Relationships deteriorate and generate supplier fatigue. Slow incident response. When a supplier experiences a security incident or operational disruption, response speed matters. But if the first 30 minutes are spent identifying who owns the relationship, what data they access, and which business functions they support, the window for effective action closes. Inaccurate risk aggregation. Executive dashboards show supplier risk metrics, but those metrics are only as good as the underlying data. If 40% of supplier records are incomplete or conflicting, leadership is making decisions based on fiction. Blocked business velocity. Sales teams wait for supplier approvals. Procurement can't onboard vendors quickly because compliance workflows are stuck gathering basic information that should already exist. The TPRM program becomes a bottleneck, not because processes are broken, but because data is. How to Diagnose Your Data Quality Problem? The MDM (Master Data Management) appears as the solution. Before fixing data quality, you need to measure it. Here's a practical framework for auditing your current state: Step 1: Map Where Supplier Data Lives List every system that stores supplier information. Don't limit this to "official" systems—include spreadsheets, Accounting, SharePoint sites, and departmental databases. For each system, document: Who maintains it What data fields it contains How often it's updated Who relies on it for decisions Most organizations discover they have 6-10 systems touching supplier data, with no clear owner for ensuring consistency. Step 2: Test for Basic Accuracy Pick 20 critical suppliers at random. For each one, answer these questions: How many records exist for this supplier across all systems? Do the records show the same legal entity name? Do they reflect the same address and contact information? Is the risk tier or classification consistent? Can you identify a single business owner? If you find significant discrepancies in more than 30% of your sample, you have a material data quality problem. Step 3: Measure "Time to Basic Information" Run this exercise: Ask someone outside the TPRM team to answer basic questions about a supplier: Is this supplier currently active? What services do they provide? When was their last risk assessment? Who is the business owner? Are they compliant with our requirements? Time how long it takes to get definitive answers. If it requires more than 5 minutes and multiple system lookups, your data architecture is creating friction. Step 4: Identify the "Data Conflict Rate" Pull supplier records from your three most-used systems. Compare key fields like risk tier, contract status, and last assessment date. Calculate the percentage of records where these fields conflict. A well-governed TPRM program should see conflict rates below 10%. Rates above 25% indicate systemic issues that automation alone won't fix. Building a Data Quality Remediation Roadmap Once you've diagnosed the problem, remediation follows a structured path: Phase 1: Establish a Single Source of Truth The first step is philosophical, not technical: decide where authoritative supplier data will live. This doesn't mean consolidating all systems into one platform immediately. It means designating one system as the "system of record" where the definitive version of core supplier information exists. Core fields typically include: legal entity name, primary contact, business owner, risk tier, criticality designation, contract status, and last assessment date. Other systems can maintain specialized data, but they should reference—not duplicate—the core record. Phase 2: Deduplicate and Consolidate Assign a team, or a subcontractor, to systematically merge duplicate supplier records. This is unglamorous work, but it's foundational. Start with critical and high-risk suppliers, then work down the tier list. Use a consistent methodology: Identify the authoritative record (usually the most recent or most complete) Merge data from other records, preserving any unique information Document the consolidation in an audit log Deprecate old records with clear redirects to the current one Use a common token as the Duns Number Phase 3: Implement Data Governance Data quality doesn't maintain itself. Establish clear ownership and processes: Assign a Data Steward role responsible for supplier data integrity Define update workflows: who can modify core fields, and with what approval Build quality checks into onboarding: new suppliers can't be activated with incomplete records Schedule periodic reviews: quarterly audits of high-risk suppliers, annual reviews of the full population Phase 4: Automate Validation and Monitoring Once foundational data is clean, use technology to keep it that way: Implement validation rules that prevent invalid or incomplete data entry Set up alerts for data conflicts (e.g., if a supplier's risk tier changes in one system, flag for review) Use APIs to synchronize core data fields across systems rather than manual updates Build dashboards that surface data quality metrics: completeness rates, staleness, conflict rates Why Technology Alone Won't Fix This It's tempting to believe that buying a new TPRM platform will solve data quality problems. It won't—at least not by itself. A new platform can provide better structure, more robust validation, and cleaner workflows. But if you migrate messy data into that new platform, you just have expensive, messy data. The organizations that succeed treat data quality as an organizational discipline, not a technology project. They invest in governance, assign clear ownership, and build data hygiene into their operational culture. Technology enables good data management. It doesn't create it. The Strategic Advantage of Clean Data When TPRM teams solve their data quality problem, something remarkable happens: the program shifts from reactive to strategic. Instead of spending hours reconstructing basic supplier information during incidents, teams respond in minutes using reliable, current data. Instead of duplicating assessments across departments, cross-functional teams collaborate from a shared view of supplier risk. Instead of building executive reports manually, leadership gets real-time visibility into third-party exposure. Clean data doesn't just reduce friction—it becomes a competitive advantage. Organizations can onboard suppliers faster, make risk decisions with confidence, and demonstrate control to auditors and regulators without scrambling. Moving from Chaos to Clarity The TPRM data quality problem is solvable, but it requires acknowledging that it exists. Too many organizations layer sophisticated risk analytics and automation workflows on top of fragmented, unreliable supplier information—and then wonder why their programs underperform. The path forward starts with measurement: understand where your data lives, how accurate it is, and where conflicts arise. Then commit to remediation: consolidate, deduplicate, govern, and maintain. The work isn't glamorous, but it's foundational. Because every TPRM capability—risk assessment, continuous monitoring, incident response, regulatory reporting—depends on one fundamental requirement: knowing the truth about your third parties. Author Bio Emmanuel Poidevin CEO and co-founder of Aprovall Emmanuel Poidevin is the CEO and co-founder of Aprovall, a TPRM platform serving 1,800+ organizations. Emmanuel leads Aprovall's vision to centralize supplier information, automate compliance workflows, and enable cross-functional risk management from a single system of record. Connect with Emmanuel on LinkedIn or learn more at www.aprovall.com. Aprovall provides a centralized TPRM platform designed to serve as a single system of record for third-party information, eliminating data fragmentation across procurement, compliance, legal, and risk teams. Organizations use Aprovall to establish data governance, automate validation, and maintain accuracy across the supplier lifecycle. To learn more about building a unified approach to third-party data management, visit www.aprovall.com.

Many third-party risk management (TPRM) programs today have reached a level of operational maturity. They have defined processes, lifecycle coverage, and established workflows for intake, due diligence, and monitoring. But a critical question remains: Is your program actually improving—or just maintaining the status quo? In this episode of the TPRM Exchange Podcast , Hilary , Senior Membership & Education Coordinator at TPRA, speaks with Keith Frantz, Director of Vendor Management at Prosper Marketplace, to explore the difference between maturity and true progress, emphasizing that strong programs continuously evolve alongside changing risks, technologies, and business needs. “If it’s a check-the-box exercise, you have room for improvement.” From identifying signs of stagnation to adapting for emerging risks like AI, this conversation highlights practical ways practitioners can refine assessments, strengthen monitoring, and deliver more meaningful insights to the business. What You’ll Learn Why maturity doesn’t equal improvement Signs your TPRM program may be stagnant How to modernize risk assessments and evidence standards The growing impact of AI and emerging risk domains How better reporting and monitoring drive stronger decisions Why collaboration across procurement, legal, and the business is critical Key Takeaway “Collaboration, communication, and education—that’s what makes a program successful.” About the Guest Keith Frantz, Prosper Marketplace Graduate of Baylor University, worked in Financial Industry for over 20 years under numerous umbrellas. While in the mortgage industry, I worked primarily in default and risk management providing oversight for mortgage servicers. After moving to risk and vendor management, I have built and matured several programs at different companies and now oversee Procurement, Third Party Risk, and Internal Controls for Prosper Marketplace. Have a question or topic idea? Send us your suggestions at: pod@tprassociation.org

It's impossible to ignore what's happening in the world these days. Headlines are nonstop, commentary is everywhere, and every update appears urgent. Many news stories are meant to grab attention or push an agenda, but not all deserve equal focus. For third party risk management (TPRM) teams, the main challenge isn't just keeping up with the news. It's figuring out what actually matters. With so much information available, the important part is connecting outside events to your key third parties, suppliers, and services, and then deciding if you need to take action. Geopolitical issues do not always arrive as dramatic, obvious events, although sometimes they do. War breaks out. Military tensions escalate. Governments impose sudden restrictions. Just as often, the impact shows up through day-to-day operations. A third party can look perfectly fine in a due diligence review and still carry real exposure because of where it operates, what it relies on, and how those dependencies are structured Geography as a Starting Point, Not the Full Picture In many TPRM programs, geography is treated as a separate risk factor. Teams look at where a third party is based, where it operates, and which laws apply. Geography sets the foundation and shapes the legal, regulatory, and business environment for that third party .  Geopolitical risk changes how we think about geography . A place that once seemed stable can quickly become difficult to operate in if sanctions shift, governments add new rules, or broader instability starts to impact business. When Stability Shifts Without Warning  A region that seemed stable can change quickly. Conflict, political decisions, or new regulations can alter operating conditions with little notice. Third parties and key suppliers that looked safe yesterday might need attention today, even if the third party itself hasn't changed.  That's the challenge so many TPRM teams face right now.  The issue isn’t just that instability happens. It’s how fast it can impact critical third parties and their sub-servicers, even when you have strong due diligence and monitoring in place.  A third party in a country that has been stable in the past can still face problems because of its dependencies. Subcontractors, infrastructure providers, logistics networks, and supply chains can all bring risk. Changes in regulations and cross-border rules can also affect how services are delivered.  The impact doesn’t have to be local to be real . It often shows up as disruptions, delays, or changes in how services operate.  Programs that solely depend on periodic reassessment will feel those impacts first. By the time the next review comes around, the situation might already be affecting operations.  The Impacts of Geopolitical Events  When things change, the impact rarely stays in just one area. It usually affects several risk areas at once.  Operational disruption as service delivery slows or degrades  Compliance pressure as sanctions, restrictions, or regulatory expectations change  Dependency exposure as subcontractors and providers are affected  Concentration risk when multiple services rely on the same region or provider  Geography is only the starting point. The real impact comes from how it influences the rest of your third party ecosystem.  What Deserves your Attention  This is where context and nuance matter. The event that gets the most attention isn’t always the one with the biggest impact on your operations. A major event somewhere in the world might not affect your third parties, but a quieter regulatory or policy change could have immediate effects on your operations, data, supply chain, or service delivery.  The practical question is simple: Does this event connect to a specific third party, supplier, service, location, dependency, or requirement that matters right now? If you’re not sure, that’s where you should start looking.  Where the Real Exposure Sits  Organizations will often gather information about dependencies during due diligence, but that’s not the same as thoroughly assessing those dependencies. It also doesn’t mean the third party has examined its own third parties, providers, or sub-servicers as closely.  The question is not always whether the third party itself is in an unstable region. Sometimes the third party looks fine, its geography looks fine, and the real issue sits deeper in the chain. Sub-servicers, supply chains, and infrastructure can be affected long before the direct third party shows visible signs of strain.  Where Monitoring May Fall Short Many people use headline alerts, news aggregators, and general monitoring tools. These might help you stay informed, but more often create a lot of noise without much guidance.  They tell you what’s happening, but not whether it matters for your third party environment.  Where Risk Intelligence and Alert Services Add Value  Risk intelligence services are more effective because they are designed to connect outside events to your third party group.  Different services offer different capabilities. Some focus on company-level monitoring and alert you when a specific third party is affected. Others track geopolitical and regulatory developments across regions. Some provide visibility into supply chains and downstream dependencies, including subcontractors and infrastructure providers. Others focus on cyber or operational disruption tied to external events.  Most programs depend on a combination of these capabilities.  The real value comes from how well alerts are linked to your actual risks.   A useful alert doesn’t just report that something happened in a region. It shows how that event connects to specific third parties, services, or dependencies.  What This Looks Like in Practice  A geopolitical alert might show up as:  A sanctions update affecting a region where a critical supplier operates  A regulatory change affecting data transfer requirements where a third party processes data  A conflict disrupting a logistics route tied to a supplier  A government restriction affecting infrastructure used by a subcontractor  These alerts don’t need to be escalated right away on their own. They need context.  The first step is to check if the alert connects to a third party, service, or dependency that is important to your business.  If it does, the response can stay focused:  confirm whether the third party is directly affected  assess service continuity and contingency plans  check downstream providers and subcontractors  validate whether regulatory obligations have changed  document whether escalation or monitoring is needed  The goal isn’t to react to every alert. It’s to quickly figure out what matters and what steps to take next.  Making it Operational  Managing geopolitical risk in TPRM comes down to three things: knowing which events are relevant to your specific third parties and dependencies, monitoring with tools that connect external developments to your actual environment, and having a program that can move from information to action. These elements reinforce each other, and all three need to be in place.  Taking these actions can help.  Map exposure clearly.  Know where your critical third parties operate, what they depend on, and which services are most important  Be able to report quickly.  When something changes, you should be able to quickly identify affected third parties, including downstream dependencies.  Define triggers for action.  Decide what kinds of changes require outreach, reassessment, or escalation  Assign ownership.  Assign someone to review developments and decide on next steps  Keep responses proportionate.  Not every development needs action, but the next steps should be clear when action is required.  Conclusion   Geopolitical risk is not going away, and the amount of information around it will only continue to grow. Most of that information will be noise. The difference for TPRM teams is whether they can filter it quickly and focus on what actually affects their third party ecosystem.  That is the real work. Not tracking everything, but knowing what matters, when it matters, and what to do about it. When a TPRM program is built that way, it does not need to predict every disruption. It is already positioned to respond when it counts.  Author Bio Hilary Jewhurst Sr. Membership & Education Coordinator at TPRA Hilary Jewhurst  is a seasoned expert in third party risk and risk operations, with nearly two decades of experience across financial services, fintech, and the nonprofit sector. She has built and scaled third party risk programs from the ground up, designed enterprise-wide training initiatives, and developed widely respected content that helps organizations navigate regulatory complexity with clarity and confidence. Known for turning insight into action, Hilary’s thought leadership and educational work have become go-to resources for professionals looking to mature their TPRM programs. She regularly publishes articles, frameworks, and practical guides that break down complicated risk topics into meaningful, accessible strategies. Hilary recently joined the  Third Party Risk Association (TPRA)  as a staff member, supporting industry-wide education, peer learning, and advancing best practices. She is also the founder of  TPRM Success , a boutique consultancy that helps organizations strengthen their third party risk management capabilities through targeted training, tools, and strategic guidance.

FOR IMMEDIATE RELEASE TPRA Announces Winners of 2026 Third Party Risk Management (TPRM) Service Provider Innovator Award Tuesday, April 21, 2026 1/1 Interos Named 2026 TPRM Service Provider Innovator; Aravo, Interos, and HITRUST Earn Excellence Awards Across Key Categories ANKENY, IOWA – 21 APRIL 2026 – The Third Party Risk Association (TPRA) today announced the winners of its 2026 Third Party Risk Management (TPRM) Service Provider Innovator Award and Excellence Awards during its annual in-person conference on April 21, 2026. Established to recognize and promote the critical role service providers play in advancing the TPRM industry, the TPRM Service Provider Innovator Award honors organizations that deliver innovative, efficient, and effective solutions to help practitioners assess, mitigate, and manage third party risk. “TPRM service providers are the backbone of our programs,” said Julie Gaiaschi, CEO of TPRA. “These organizations continue to push the boundaries of innovation while collaborating across the ecosystem to strengthen how risk is understood and managed. We are proud to recognize this year’s winners for their leadership and impact.” 2026 Award Winners TPRM Service Provider Innovator Award Interos was selected as the 2026 overall Innovator Award winner for its transformative approach to third party and supply chain risk management. Through its AI-powered platform, Interos delivers a unified, near real-time view across six critical risk domains, enabling organizations to move beyond fragmented data toward a single, actionable intelligence framework. Its breakthrough solutions— itariffs and itracing —provide predictive insights into tariff exposure, multi-tier supplier dependencies, and product-level disruption impacts, setting a new standard for proactive, intelligence-driven risk management. Excellence Award Winners GRC/TPRM Platform: Aravo Recognized for its innovations leveraging artificial intelligence to enhance multiple uses and views in the third party risk space, Aravo stood out for delivering advanced capabilities that improve visibility, efficiency, and decision-making for practitioners. Image: Dean Alms (right), Chief Product Officer for Aravo, accepts the Excellence Award on the organization's behalf from Julie Gaiaschi, CEO of TPRA, at TPRA's 2026 Conference on April 21, 2026. Risk Rating/Risk Intelligence Tool: Interos In addition to earning the overall Innovator Award, Interos was recognized in this category for its comprehensive risk intelligence capabilities, providing near real-time insights across a broad spectrum of risk domains along with actionable mitigation guidance. Image: Marty Clough (right), VP of Sales for Interos.ai, accepts Excellence Award on behalf of the organization from Julie Gaiaschi (left) during TPRA 2026 Conference on April 21, 2026. TPRM Services: HITRUST HITRUST was recognized for its standardization work that shifts the market from fragmented questionnaires toward a shared, defensible, and standardized assurance model that can be reused across vendor relationships. Image: Ryan Patrick (right), EVP, Customer Solution for HITRUST, accepts the Excellence Award on behalf of the organization from Julie Gaiaschi (left), CEO of TPRA, during the TPRA's 2026 Conference on April 21, 2026. Selection Process Nearly 40 TPRM service providers submitted applications across three categories: GRC/TPRM Platforms, Risk Rating/Risk Intelligence Tools, and TPRM Services. A panel of TPRA Officers, Board Members, and Practitioner Members representing diverse industries evaluated submissions based on innovation, collaboration, social responsibility, and overall impact on advancing the TPRM industry. Finalists underwent a multi-stage review process, including detailed scoring and live interviews, where judges assessed product capabilities, real-world applications, and contributions to the broader risk management community. ### The Third Party Risk Association (TPRA) is dedicated to advancing the practice of third party risk management by fostering collaboration, education, and innovation across the global TPRM community. Through its programs, events, and initiatives, TPRA supports practitioners and service providers in strengthening risk management practices and driving industry progress. MEDIA CONTACT Meghan Schrader Marketing & Communications Manager meghan.schrader@tprassociation.org www.tprassociation.org FOR MORE INFORMATION https://www.tprassociation.org/innovator-award Previous Next

FOR IMMEDIATE RELEASE TPRA Announces Launch of New Learning Management System for Certification and Certificate Programs Monday, November 17, 2025 TPRA's new training and examination site on the Inspire360 platform. TPRA's new training and examination site on the Inspire360 platform. 1/1 TPRA's new training and examination site on the Inspire360 platform. The Third Party Risk Association (TPRA) will be moving its professional training and certification platform to Inspire360 in January of 2026 ANKENY, IOWA — NOVEMBER 17, 2025 — The Third Party Risk Association (TPRA) is pleased to announce the upcoming launch of its new educational platform and Learning Management System (LMS) in January 2026 . This transition marks an exciting step forward in TPRA’s mission to enhance the learning experience for risk management professionals around the globe. The new LMS will offer a more engaging and streamlined experience , allowing registrants to easily navigate between trainings, exams, and certifications. Registrants will also be able to upload and track their continuing professional education (CPE) credits. With improved functionality and user-friendly design, TPRA aims to provide a centralized space where all education-related activities—from registration to completion—can be accessed with ease. “Our goal is to create a modern, intuitive learning environment that supports every stage of a registrant’s certification journey,” said Julie Gaiaschi, TPRA’s CEO & Co-Founder. “This upgrade reflects our commitment to continuous improvement and to meeting the evolving needs of our professional community.” Migration from Current System TPRA will suspend TPCRA registration on its website beginning on Wednesday, November 17 th, through December 31, 2025, to allow for the transition to the new platform. Those who have previously registered through the old system but are still in the process of completing TPCRA training and/or their examination will be automatically transferred to the new system and contacted by TPRA if additional information is needed. What to Expect Launch Date for the new Learning System: January 7, 2026 New Platform: Inspire 360 User Setup: On launch day, all current learners will receive an email from support+tpra@inspire360.com with the subject line “Update Your Account.” This one-time-use link will allow users to set their password and verify their account. Welcome Experience: After verification, users will receive a Welcome Email with step-by-step guidance on navigating the new system. Continuity of Learning: Learners who are already certified will see their certification in the new system. Those currently in the process of the TPCRA will complete their training and examination requirements in the current system. Support and Assistance Technical Support: support+tpra@inspire360.com Education Support: hilary.jewhurst@tprassociation.org TPRA will send additional communications leading up to the transition to ensure a smooth and seamless experience for all registrants. “We deeply appreciate the continued support of our members and learners,” added Julie Gaiaschi. “We’re excited to unveil the new features and capabilities this platform will offer as we continue to advance education in third party risk management.” About TPRA The Third Party Risk Association (TPRA) is a non-profit organization dedicated to advancing the profession of third party risk management (TPRM) through collaboration, education, and community engagement. TPRA supports practitioners and organizations around the world with resources, training, and networking opportunities that strengthen risk management programs and professional development. MEDIA CONTACT Meghan Schrader Marketing & Communications Manager Third Party Risk Association (TPRA) meghan.schrader@tprassociation.org https://www.tprassociation.org/ FOR MORE INFORMATION https://tpra.inspire360.com/ Previous Next

Stay updated with TPRA Press. Read our latest press releases and see how TPRA is featured in interviews, conference coverage, and industry news. PRESS RELEASES MEDIA MENTIONS PRESS RELEASE TPRA and Industry Leaders Unite to Launch the Standard Trust Portal Guidance READ MORE PRESS RELEASE TPRA and Industry Leaders Unite to Launch the Standard Trust Portal Guidance May 4, 2026 READ MORE PRESS RELEASE TPRA Announces Launch of New Learning Management System for Certification and Certificate Programs November 17, 2025 READ MORE PRESS RELEASE TPRA Announces Winners of 2026 Third Party Risk Management (TPRM) Service Provider Innovator Award April 21, 2026 READ MORE PRESS RELEASE Aravo Awarded 2025 TPRM Innovator Award by Third Party Risk Association April 8, 2025 READ MORE PRESS RELEASE CeFPro and Third Party Risk Association Announce Strategic Partnership to Advance Global Third-Party Risk Management January 30, 2026 READ MORE PRESS RELEASE Interos and Aravo Awarded 2025 Excellence Awards by Third Party Risk Association March 24, 2025 READ MORE 1 2 1 ... 1 2 ... 2 Media Mentions April 9, 2025 READ ON Business Wire Aravo Wins 2025 TPRM Innovator Award by the Third Party Risk Association Button October 2, 2024 READ ON She Does Tech She Does Tech: Julie Gaiaschi - Entrepeneur, TPRM, IT Audit Button May 31, 2024 READ ON Third Party Threat Hunters Third Party Threat Hunters: S2:E1 Julie Gaiaschi and TPRA Button February 29, 2024 READ ON Business Wire VISO TRUST to Deliver “Trading Up from Tradeoffs: AI is Driving Broader, Deeper Nth Party Cyber Risk Assessment” at Third Party Risk Madness Conference Button October 18, 2023 READ ON ARAVO Women in Third-Party Risk Management: A Conversation with TPRA’s CEO Button May 11, 2023 READ ON CISION PRweb Risk3sixty Receives Innovator Award from Third Party Risk Association Button LOAD MORE