Actions toward third-party risk management in Canada by type 2021

An October 2021 survey of Canadian tech and security executives found that more than 50 percent of organizations had audited or verified third parties or suppliers' security posture and compliance. A further share of 43 percent of the organizations refined our criteria for onboarding and ongoing assessments of third parties. Among surveyed organizations, 27 percent terminated the partnership with certain third parties as an attempt to establish a more profound third-party risk management.

Share of organizations in Canada that took actions toward more prominent third-party risk management as of October 2021, by action type

Characteristic	Share of respondents
Audited or verified the security posture and compliance of third parties or suppliers	51%
Refined our criteria for onboarding and ongoing assessments of third parties	43%
Provided knowledge-sharing or assistance to third parties to shore up their cybersecurity postures	41%
Addressed challenges, cost-related or time-related, that affect your ability to be cyber resilient	41%
Performed more rigorous due diligence	39%
Rewritten contracts with certain third parties to mitigate our risks	34%
Exited relationships with certain third parties	27%
None of the above	8%

Loading statistic...

Download

Source

Show detailed source information?

Already a member?

Source

Use Ask Statista Research Service

Release date

November 2021

More information

Region

Canada

Survey time period

October 2021

Number of respondents

114 respondents

Supplementary notes

The original question was formed as follows: "Has your organization done any of the following actions in the past 12 months to minimize third-party or supplier risks in your ecosystem? Check all that apply."

The source adds the following information:
"The three lasting actions are refining criteria for third-party assessments, rewriting contracts and performing more rigorous due diligence.
Respondents operate in a range of industries: tech, media and telecom; industrial manufacturing; financial services; retail and consumer markets; energy, utilities and resources; health; and government and public services."

Citation formats