Summit 2022 is the time to refresh your risk management knowledge and reenergize your risk management career; educational opportunities before (workshops) and after the main event (certification classes) abound. During the event, breakout sessions will nurture your active participation. All of these offerings will offer actionable steps that you can bring to your practice and program.
ESG Workshop
This workshop will focus on maturing third party risk management sustainability practices in today’s fast paced ESG arena. Participants from all organizations with an ESG third party risk interest are welcome, no matter what level of ESG TPRM experience an entity has under its belt. The ESG workshop will have an educational focus, informing participants about often fast changing ESG frameworks, policies, metrics, procedures, regulations, etc. There will be opportunities for participants to share their ESG program development with others, and to provide input to the Shared Assessments ESG program.
TPRM Fundamentals Workshop
TPRM Fundamentals is based on the foundational principles of third party risk management. Learners who register for the TPRM Fundamentals course will gain foundational knowledge of terminology and drivers for third party risk based upon each phase of the vendor lifecycle; learn the building blocks included in a TRPM program to develop the structures to identify and mitigate third party risk; and attain knowledge of the goals and objectives of conducting third party assessing including processes for risk analysis, findings, corrective actions, and management reporting.
SIG Workshop
As we continue to enhance the SIG, its assessment capabilities have continued to expand. This workshop will focus on proving-providing/sharing the functionality of the SIG. We will be highlighting the content updates and new categories to streamline your SIG scoping capabilities. Attendees will obtain an understanding of best practices for reviewing a completed SIG and supporting artifacts within the due diligence processes of a third party risk management program.
Day One Summit breakout sessions will examine Nth Party Risk, Emerging and Cascading Risks and Ransomware risk.
Breakout 1: How Fourth/Nth Party Vendors Pose a Threat to your Business
It’s not just your suppliers, but your suppliers’ suppliers that matter. While you may be working with secure third-party vendors and platforms, how do you track each level of vendors beyond them? What happens when one of your critical vendors’ vendors experiences a security incident? What’s the fourth party’s business continuity plan — if any? This session will focus on ways to manage the threat posed by Fourth/Nth parties.
Breakout 2: Board Perspectives on Emerging and Cascading Risks
This session will include board directors and chief risk officers discussing what they see as emerging risks of interest to Third Party Risk Management (TPRM) professionals, as well as how boards are handling those risks and board directors are keeping abreast of them. What will be new will be discussions of cascading risks and how to identify them and present them to the board.
Breakout 3: The First 48: Ransomware: Are You Prepared for a Breach?
As a TPRM professional, you know that it’s not a question of if you’ll be attacked by cybercriminals – but when. The reality is that it is better to be proactive and know what to do when an attack happens to avoid an unfortunate incident. This session will focus on how to prepare for the attack and the immediate steps to take when you realize you’ve been attacked.
Day two breakout sessions will consider emerging risks and how different levels in the organization view these risks. Day two will also introduce the infosec workforce of the future and cover trends in continuous monitoring.
Breakout 4: How do different levels within your organization view emerging risks?
The ambiguous characteristic of emerging risks and the lack of information available to understand risk make it difficult for leaders to achieve a consensus on how to perceive risk within an organization. This session will focus on how your organizational leadership can establish, define, and align their views on risk before an incident occurs.
Breakout 5: Workforce of the Future
The information security profession is projected to grow 31% by 2029. A growing gig-economy is also leading to more concerns over the levels of risk and protection this new working population poses. What impact does a gig economy have on risk and talent in the industry? Do you know which emerging security roles and skills you will need to succeed in the digital age? Be prepared by learning new strategies to understand your risk, and how to recruit, develop, and retain top security talent.
Breakout 6: Continuous Monitoring -> Control Shift -> Continuous Validation
In today’s rapidly evolving complex risk environment the use of continuous monitoring solutions across multiple risk domains has become increasingly essential. Continuous monitoring will assist organizations in gaining ongoing assurance that their third and Nth parties control hygiene is in place and operational. This session will leverage the experience of your peers in exploring the future, benefits and challenges of integrating and utilizing continuous monitoring solutions across your Third-Party Risk Program.
Finally, in-person certification classes are the way to reinvigorate your risk management career. Both CTPRP and CTPRA classes will be offered live and in-person the day after Summit formally ends.
To see the full Summit schedule, navigate here.
To view details on the sessions, visit our registration page.