A cyber and digital risk executive argues that pharmaceutical companies often misclassify third-party risk events. Instead of logging incidents under the function that absorbed the impact, such as cyber or regulatory, the root cause should be identified as a vendor governance failure. This reclassification would provide boards with a clearer understanding of underlying patterns across multiple incidents, rather than a fragmented view of unrelated risks. AI
RANK_REASON Opinion piece by a named executive on risk management practices.
AI-generated summary · Google Gemini · from 1 sources. How we write summaries →
