Events

Sep 2022

webinar: Fourth Parties and Beyond: Managing Risk in the Extended Supply Chain

Wednesday, September 7, 2022 | 11:00am-12pm ET

Just as managing the risk of your direct suppliers is critical, understanding the risk of your suppliers' suppliers is imperative. While you may work most directly with secure third-party vendors and platforms, unknown Fourth Parties (vendors of vendors) can cause significant disruptions to your business. How do you manage the threats posed by these Fourth or Nth Parties? Participants will learn practical ways to identify and manage fourth parties through an overview of the tools and techniques experienced risk professionals use to effectively measure and address risk across all levels of the supply chain.

Speakers:

Andrew Moyad, CEO, Shared Assessments

Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.

member forum call: Evolving Work Environments

Tuesday, September 13, 2022 | 11:00am-12pm ET

The Covid-19 pandemic introduced considerable changes to third-party risk management processes. Vendors experienced evolutions in worker location, geographic dispersion, and resilience. Company cultures transformed as work-from-anywhere became a reality. This MFC will highlight the significant workplace shifts that have affected third-party risk management and recommend actionable next steps for practitioners.

Speakers:

Andrew Moyad, CEO, Shared Assessments

Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.

Avani Desai, CEO, Schellman

Avani Desai is a Chief Executive Officer at Schellman, the largest niche cybersecurity assessment firm in the world that focuses on technology assessments. Avani is an accomplished executive with domestic and international experience in information security, operations, P&L, oversight, and marketing involving both start-up and growth organizations. She has been featured in Forbes, CIO.com, and the Wall Street Journal, and is a sought-after speaker as a voice on a variety of emerging topics, including security, privacy, information security, future technology trends, and the expansion of young women involved in technology.

webinar: The Top 4 Ways to Ease Third-Party Vendor Onboarding In Risk Management

Tuesday, September 20, 2022 | 11:00am-12pm ET

Vendor onboarding is an essential early step in the third-party risk management lifecycle. What types of risk insights are helpful as you establish approved providers of technology, goods, or services? What should a successful supplier onboarding process look like in your organization? This session, presented by Director, TPRM Professional Services, Echelon Risk + Cyber, and Alastair Parr, Senior Vice President of Global Products & Services at Prevalent, will:

  • • Identify challenges organizations face when onboarding new suppliers
  • • Explore the right metrics and risks to consider prior to onboarding a vendor including Cyber, Business, Hack/Breach, Financial, ESG, and Sanctions Intelligence
  • • Review the opportunities consolidated risk insights provide

Speakers:

Tom Garrubba, Director, TPRM Professional Services, Echelon Risk + Cyber

Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Alastair Parr, Senior Vice President, Global Products & Risk, Prevalent

Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.

Oct 2022

webinar: Third-Party Risk Assessments: Going Beyond Compliance Checks and IT Risk Management

Wednesday, October 5, 2022 | 11:00am-12pm ET

In third-party risk management, to lower vendor and supplier risks to an acceptable level, practitioners must recognize which controls need to be in place. Understanding the types of vendors being onboarded and their potential inherent risks is key. This webinar will explore strategies for mitigating risk through consideration of crucial factors including location, type of data, and connection to the corporate network.

Cost: Free / Credits: 1 CPE

Speakers:

Nasser Fattah, Senior Advisor, Shared Assessments

Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.

Ken Wolckenhauer, Vice President, Vendor Management, Nordea Bank, International Corporate Branches

Ken Wolckenhauer is the head of Vendor Management at Nordea Bank’s International Corporate Branch network. Prior to that, he worked for the major FinTech, FIS, in its Financial Crimes solutions division, and in the retail money services business. At Nordea Bank, he built out the vendor management program for the International Division, helping to build a responsible supply chain in areas outside the Nordics. He worked with both building management and suppliers to develop environmentally sustainable programs at the branch. Wolckenhauer is a graduate of Bucknell University with an Associates from the University at Buckingham (UK), a Certified Third Party Risk Professional and a Certified Anti-Money Laundering Specialist.

Persio Reyes, Cybersecurity & Technology Risk Management Executive , Société Générale

Persio Reyes is currently a Cybersecurity & Technology Risk Management Executive for Société Générale in the Americas Group Chief Risk Office. Prior to joining Société Générale, Persio was the Americas BISO for all CTO aligned applications for three (3) years. Persio has extensive cybersecurity experience in both the First and Second Lines of Defense. Previously, he was the Head of Endpoint Security & Risk Management at a major investment bank. In these roles, Persio participated in various Working Groups as a key stakeholder in driving the Bank’s new Security Architecture. Persio is an accomplished Information Technology Executive with more than 15 years of technology experience in the financial services industry, and holds various industry certifications in InfoSec, cybersecurity and risk management Persio received his Bachelor of Arts in Economics from the City College of New York (CCNY) and his M.B.A. degree in Technology Management from the University of Phoenix.

member forum call: 2023 TPRM Toolkit Review and Demo

Tuesday, October 11, 2022 | 11:00am-12:30pm ET

The Shared Assessments Tool Development team and committees have spent the last year updating and upgrading the SIG, SCA, VRMMM, and Data Governance Tools just for you. Members will be the first to receive the special overview and demo.

Cost: Free / Credits: 1.5 CPEs

Speakers:

Colleen Milazzo, Senior Vice President, TPR Software Products, Shared Assessments

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Andy Hout, Vice President, Tool Development & Implementation, Shared Assessments

Andy has more than 30 years in data communications/information security and is familiar with all types of systems and transport technologies. Using this knowledge, Andy has conducted hundreds of vendor assessments and implemented vendor risk management programs for several large clients.

webinar: New 2023 Toolkit: Standardized Excellence to Meet Today’s Risk Environment

Wednesday, October 19, 2022 | 11:00am-12:00pm ET

Shared Assessments has updated and upgraded the 2023 Third Party Risk Management Toolkit to align with a changing regulatory and threat environment. Content has been adjusted to focus on Cybersecurity, Data Governance, Operational Risk, and Resilience. This session includes full details about updates and upgrades to the SIG, SCA, VRMMM, Data Governance Tools, including content organization and updates to industry and regulatory standards.

Cost: Free / Credits: 1 CPE

Speakers:

Christopher Campbell, Manager of Sales, Shared Assessments

Christopher has almost 20 years of experience in sales, customer relations, and corporate operations, including key sales and support roles in various industries ranging from health and fitness to construction. At Shared Assessments, he is responsible for member service, market research, program development, prospective member outreach, membership renewals, and is dedicated to helping members optimize their SIG.

Andy Hout, Vice President, Tool Development & Implementation, Shared Assessments

Andy has more than 30 years in data communications/information security and is familiar with all types of systems and transport technologies. Using this knowledge, Andy has conducted hundreds of vendor assessments and implemented vendor risk management programs for several large clients.

webinar: The 5 Criteria Essential for Long-Term Third-Party Risk Management Program Success

Tuesday, October 25, 2022 | 11:00am-12pm ET

Your third-party risk management program is on solid footing and bringing in short term success. But how do you keep the momentum going? What does a dynamic, agile program look like? Join Tom Garrubba, Vice President of Shared Assessments, and Alastair Parr, Senior Vice President of Global Products & Services at Prevalent, as they:

  • • Discuss pragmatic, actionable long-term TPRM program goals
  • • Review considerations for appropriate resource planning and constraint management
  • • Show you best practices for business engagement and data collection
  • • Assess mechanisms for improving vendor interaction
  • • Explore how to create consistency in metrics for analysis and reporting
  • Speakers:

    Tom Garrubba, Director, TPRM Professional Services, Echelon Risk + Cyber

    Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

    Alastair Parr, Senior Vice President, Global Products & Risk, Prevalent

    Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.

Nov 2022

member forum call: Continuous Monitoring

Tuesday, November 8, 2022 | 11:00am-12:00pm ET

Details Forthcoming.

Cost: Free / Credits: 1 CPE

Speakers:

Colleen Milazzo, Senior Vice President, TPR Software Products, Shared Assessments

Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.

Gary Roboff, Senior Advisor, Shared Assessments

Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.

Dec 2022

member forum call: Third Party Risk Briefing and 2023 TPRM Trends

Tuesday, December 13, 2022 | 11:00am-12:00pm ET

Using current industry metrics and feedback from Shared Assessments members, Shared Assessments subject matter experts will discuss third party risk trends as we head into 2023.

Cost: Free / Credits: 1 CPE