Best-practices

Curated content to give you a head start.

Together with our partners, we continuously develop new content that we make available through our Content Hub. Think of frameworks, control sets, and questionnaires. As a result, you never have to start from scratch, you work according to international standards and best practices, and can achieve results quickly.

Content Hub

Best-practices

In our Content Hub, we have best-practice content available for every industry and risk discipline, from sustainability and cybersecurity to continuity. If you're looking for specific content that isn't listed, no problem! We likely have the content available or can request it through one of our partners. You can directly download the content and customise it to fit your specific needs.


International Featured Standards (IFS)

The IFS comprise eight different food and non-food standards, covering the processes along the supply chain.

Retail
Service providers
Internal control testing
Manufacturing
Third-party assessments

Baseline Informatiebeveiliging Overheid (BIO) - NL

The BIO describes how NEN-ISO/IEC 27001:2017 and NEN-ISO/IEC 27002:2017 are implemented for the Dutch government.

Cybersecurity
Public sector
Internal control testing
Third-party assessments
Business continuity

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union.

GDPR
Privacy
Service providers
Compliance
Compliance management

Digital Operational Resilience Act (DORA)

The Digital Operational Resilience Act (DORA) is a European Union (EU) regulation including ICT third-party requirements.

DORA
Third-party assessments
Cybersecurity
Financial services

Standardized Information Gathering (Questionnaire)

The SIG, short for “Standardized Information Gathering (Questionnaire)”, is a third-party information security and privacy questionnaire.

Business continuity
Service providers
Compliance
Compliance management
Cybersecurity

CIS Security Controls

The CIS Critical Security Controls are a prioritised set of Safeguards to mitigate the most prevalent cyber-attacks.

Cybersecurity
Internal control testing
Third-party assessments
Business continuity
Service providers

German Supply Chain Act

The Act on Corporate Due Diligence Obligations in Supply Chains (Lieferkettensorgfaltspflichtengesetz, LkSG) is related to human rights/env.

German Supply Chain Act LkSG
Third-party assessments
CSRD
CSDDD
Internal control testing

NIST Cybersecurity Framework

NIST helps businesses of all sizes better understand, manage, and reduce their cybersecurity risk and protect their networks and data.

Business continuity
Service providers
Compliance
Compliance management
Cybersecurity

ISO/IEC 22301

ISO 22301 is a standard aimed at helping organisations to implement, operate, monitor, and improve a business continuity management system.


ISO/IEC 14001

ISO 14000 is a family of standards related to environmental management that exists to help organisations minimise environmental harm.


ISO/IEC 26000

ISO 26000 is intended to assist organisations in contributing to sustainable development.


ISO/IEC 9001

ISO 9000 is a set of standards that helps organisations ensure they meet customers' and other stakeholders' needs and requirements.


ISO/IEC 27001

ISO 27001 is an information security standard that specifies a management system and requirements for information security.

Business continuity

Curated by our partners

The content in our Content Hub is continuously developed and kept up to date by subject matter experts from our partners. We collaborate with renowned consultants such as Deloitte, Protiviti, NTT DATA, and Eraneos. As a result, you will always have access to high-quality, up-to-date, and free-to-use content.

Our Content Hub is designed for immediate use of the content. With just a click of a button, you can activate a framework or questionnaire and use it right away. All content can also be downloaded, allowing you to customise it according to your preferences and tailor it to your specific context.

Why 3rdRisk

At 3rdRisk, we do things differently. Through our people-first approach and personal touch, we are able to deliver smart and user-friendly solutions that enable risk professionals to be successful, both today and tomorrow.

#1. European

3rdRisk is a Dutch tech company with a strong European profile. Our data resides in Germany, and we exclusively use European sub-processors. Our partner network has global coverage.

#2. Collaborative

We develop our technology in collaboration with our customers and partners. Our customers have significant influence on our roadmap. We do a lot of co-development together with our customers and partners.

#3. People first

We place the human at the center of everything we do. That's why we create technology that works intuitively, looks sleek and thinks along with you. Our platform has been designed by subject matter experts and is based on renowned international standards.

#4. Quick results

Say goodbye to long, drawn-out software implementations. Our 10-day implementation process ensures you hit the ground running. Our platform seamlessly integrates with your existing systems and allows you to be in control within just a few days.

Jelle Groenendaal

CMO at 3rdRisk


“The strength of our platform lies not just in its technology, but in the depth and richness of our Content Hub. It is a dynamic repository, always updated, always relevant, and designed to kick-start the initiatives of our users.”
