TPCRM (Third-Party Cyber Risk Management) is the discipline specifically focused on managing cyber risks introduced by third parties: assessing supplier security posture, controlling contractor access, and continuously monitoring for vulnerabilities. It is a critical component of TPRM, reinforced by NIS2 and DORA obligations which require formal cyber risk assessments for all significant third parties in scope.
