Enterprises are increasingly using third party suppliers for the provision of core services. With the recent spate of data breaches originating from third parties, how do enterprises ensure their data supply chain is safe and appropriate controls are in place? What models have been implemented to articulate risk of third party suppliers and how has risk posture been communicated to the Board.