
30.06.2026
|Bruno Blumenthal
|Presentation

Many companies are drowning in a flood of administrative tasks related to third-party risk management (TPRM): Extensive standardized questionnaires for every service provider lead to outright compliance fatigue, while critical supply chain risks often go undetected. At ISSX, Bruno Blumenthal drew on practical experience to demonstrate how to move away from a one-size-fits-all approach.
Drawing on insights from various implementation projects, he illustrated proven approaches for three core elements of risk-based TPRM:
Based on this blueprint, a lean TPRM can be established that can be implemented using simple means. The clear goal: to shift the focus from mere data collection to effective risk reduction.
Translated with DeepL.com (free version)

I have been involved in information and cyber security for over 20 years. I support our clients in the further development and optimization of their security governance and organization. When building future-proof security architectures, I focus on the optimal interaction between technology and people. I am also involved in further training in the field of cybersecurity as chief expert for the Information Security Manager examination with a federal diploma.


