ProcessUnity: Vic govt secures Sparx Solutions and Process Unity for third-party risk management services

Managed and professional services provider Sparx Solutions along with its partner ProcessUnity have been chosen by the Victorian government as its third-party risk management supplier for its cyber security state purchase contract (SPC).The cyber SPC came into effect in May 2024 and went live on the Victorian government's Digital Marketplace in September last year.The contract requires Sparx Solutions and ProcessUnity to provide third-party risk management services to interested Victorian government departments, agencies and entities.This will provide the government with the ability to assess third party vendors' controls and risk exposure while incorporating threat intelligence.Relevant agencies will also be able to securely share generated reports on third-party risk exposure between themselves.To ensure data privacy and security of the reports, these assessments include 'live threat' intelligence alert capabilities, enabling an improvement in notification via a continuous assessment protocol.Sparx Solutions executive director Mario Antoniou said these services were previously provided on a bespoke basis to specific agencies."This new approach centralises the management of third-party data Victorian wide approach to third party risk management, which includes highly secure sharing of the risk profile of third parties dealing with [the] Victorian government between agencies," he said.This would save official time, reduces risk and protects agencies from third party risks - an issue which has become more prevalent in recent years around data protection."With most of the breaches occurring through third parties, a progressive modern approach is required to uplift every third party's cyber maturity and coverage," ProcessUnity Asia Pacific vice president Anthony Panuccio added.