On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

RECEIVE CPES Contact Us

Webinar

Webinar

Webinar – Key Metrics to Measure and Communicate Third-Party Risk

With the unprecedented growth of vendor data breaches and supply chain disruptions, organizational leaders want greater visibility into their third-party ecosystems. Few security and risk professionals know how to effectively communicate third-party risk – often relying on complex, technical, and point-in-time dashboards that can be confusing for board members. This session will examine how to measure and communicate the key TPRM KPIs and KRIs.

This webinar will:

  • • Examine four metrics categories: Risk, Threat, Compliance & Coverage
  • • Define the Key Performance & Key Risk Indicators for each category
  • • Explain which metrics you should share with stakeholders and why
Speakers:
  • Joe Toley
    Compliance Expert & Project Director, Prevalent
    Joe Toley is responsible for ensuring that the demands of the marketspace are considered and applied innovatively within the Prevalent portfolio. He comes from a compliance and IT security background, and with more that 12 years of experience and expertise.
    View full bio
  • Elizabeth Dunsmoor
    TPRM Prinicipal, Shared Assessments
    Elizabeth Dunsmoor recently joined Shared Assessments as a TPRM Principal after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. With a proven ability to oversee and execute long-term operational strategies and methodologies for risk programs, Elizabeth is proficient in a variety of management actions including translating strategies into measurable plans, partnering with Procurement, corporate teams, and firm leaders to develop a pipeline of cross-functional leaders within the risk management function. She now provides training and guidance to business leaders to ensure understanding of program requirements, third-party capabilities, and performance expectations.
    View full bio
Register to Watch

Webinar

Webinar – Annual Audit Plan: Incorporating TPRM and Enhancing Efficiency and Oversight

As the focus on third-party risks continues to intensify, pressure on internal audit to provide insights into TRPM programs is also increasing. The good news is that third-party risk management tools continue to evolve to make programs more efficient while also enhancing the ability to monitor vendors on an ongoing basis. This session will explore TRPM technologies and ways internal audit departments can provide insights on the performance of a TPRM program.

In this session we will:

  • • Demonstrate uses of technology and automation in the execution of a TPRM program.
  • • Learn how to plan for a TPRM audit
  • • Describe ways to test the effectiveness of the program
Speakers:
  • Amy Feldman
    Director, Security and Privacy Risk Consulting, RSM
    Amy currently serves as a director in RSM’s independent security controls practice, focusing on third-party risk management services. With over 10 years of experience consulting in security, privacy, and risk management services across a variety of industries, Amy focuses on helping her clients build, implement, and assess their third-party risk management programs aligning to industry best practices as defined by Shared Assessments, the Third Party Risk Association, and a variety of governance frameworks and compliance requirements. Prior to following her passion in third-party risk management, Amy oversaw the project management office (PMO) for security and privacy risk consulting where she was responsible for the centralized and coordinated management of consulting processes and delivery of engagements within the security and privacy risk consulting practice.
    View full bio
  • Oliver Snavely
    Private Equity Lead, Risk Consulting, RSM
    Oliver provides risk advisory, process improvement, internal audit, and third-party risk management services. His experience has crossed a number of industries including technology, telecommunications, media, real estate, and life science. Additionally, Oliver has provided audit and consulting services to private equity fund portfolio companies across industries and focuses on key areas that drive value creation such as process optimization and risk mitigation. Oliver is a private equity and third-party risk management leader within the firm’s Risk Consulting practice.
    View full bio
  • Elizabeth Dunsmoor
    TPRM Principal, Shared Assessments
    Elizabeth Dunsmoor recently joined Shared Assessments as a TPRM Principal after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. With a proven ability to oversee and execute long-term operational strategies and methodologies for risk programs, Elizabeth is proficient in a variety of management actions including translating strategies into measurable plans, partnering with Procurement, corporate teams, and firm leaders to develop a pipeline of cross-functional leaders within the risk management function. She now provides training and guidance to business leaders to ensure understanding of program requirements, third-party capabilities, and performance expectations.
    View full bio
Register to Watch

Webinar

Webinar – Beyond the Questionnaire: Tips to Modernize Your TPRM Program

Third-Party Risk Management programs must manage a delicate balance between keeping up with new threats, navigating the evolving regulatory landscape, introducing new technologies, and always trying to do more with less. Join TPRM experts for a discussion on how forward-thinking TPRM teams are managing this balance by incorporating new relationships, technologies and techniques to mature their risk-reduction capabilities. Attend this session for trends, tips and techniques to help you:
  • • Build a strong partnership between procurement and information security to maximize both internal and external risk reduction
  • • Connect your internal controls to those of your vendors for a true assessment of your organization’s preparedness
  • • Leverage expert content, enterprise data and industry subject-matter expertise to reduce workloads, streamline assessments and confirm results are acceptable
  • • Employ artificial risk intelligence to significantly reduce the most time-intensive assessment activities
Speakers:
  • Ed Thomas
    Senior Vice President, ProcessUnity
    Ed Thomas leads ProcessUnity’s marketing team and is responsible for the company’s awareness, demand generation and thought-leadership programs. In his marketing and sales operations roles at ProcessUnity, Cura Software Solutions and OpenPages (now IBM), Ed has helped hundreds of organizations streamline their risk and compliance programs using next-generation automation tools.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Webinar – The Future of Third Party Risk Management: Navigating the Risk and Reward of AI and Machine Learning

Artificial Intelligence (AI) and Machine Learning (ML) technologies are evolving rapidly, bringing the potential to transform Third Party Risk Programs and paving the way for remarkable efficiencies. With great promise comes significant risk that must be understood and mitigated. Dive into the cutting-edge world of AI and ML solutions for Third Party Risk Management. Panelists will share their expertise and preview Shared Assessments’ AI/ML Risk domain and associated controls aligning with NIST AI RMF.
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Niall Browne
    Senior Vice President and Chief Information Security Officer, Palo Alto Networks
    Niall Browne is the Senior Vice President and Chief Information Security Officer (CISO) at Palo Alto Networks. Niall is passionate about helping secure businesses in the cloud. Virtually every company is going through a digital transformation journey to be able to compete and thrive, e.g. cloud, mobile, IoT, machine learning. At Palo Alto Networks, Niall leads the security team that is responsible for helping secure our services. Before joining Palo Alto Networks, Niall was the CSO of cloud platforms for the past sixteen years, including as the Chief Security Officer (CSO) and Chief Trust Officer at Workday.
    View full bio
  • Phil Bennett
    Manager, Information Security Governance, Horizontal Services, Navy Federal Credit Union, Vienna, Virginia
    Phil has led cyber security advisory and assurance teams in the financial sector since 2002. He has driven innovation in best practices for cyber security third party risk management at a top ten financial sector company. He also led the cyber security team providing input into M&A transactions. In March 2020, he joined the Navy Federal Credit Union in Vienna, Virginia to lead cyber security horizontal governance functions including: metrics and related C-suite reporting, data security event management, phishing, education and awareness, and communications. Phil is passionate about making certain the implementation of cyber security-related governance and risk management solutions, and their operational processes, are practical to consider the organization's business drivers, culture, risk appetite, size, and budget. Phil holds the Certified Information System Security Professional (CISSP), Shared Assessments Certified Third Party Risk Professional (CTPRP), Certified Information Security Manager (CISM) certifications, and the M&A @ Columbia Business School certificate
    View full bio
  • Daniel Christman
    Manager of AI Programs and Co-Founder, Cranium
    Daniel is a Manager of AI Programs and Co-founder of Cranium, the leading AI security and trust platform that spun out of the KPMG Studio in April 2023. Prior to Cranium, Daniel worked in the KPMG Cyber practice focusing on Third Party Security and Risk Management, driving innovative approaches to managing the third-party security lifecycle. While at KPMG, he additionally spearheaded the initiative to establish the AI Security Services practice, building the initial AI security framework for a Fortune 50 Life Sciences client.
    View full bio
Register to Watch

Webinar

Webinar – Where Contracting Fits in the Third-Party Risk Lifecycle: 5 Opportunities for Optimization

Managing the third-party lifecycle involves stakeholders across many business units: information security, privacy, legal, finance, procurement, and others. When these teams collaborate to streamline workflows, efficiency can be realized in contracting and holding third parties accountable for their obligations. This session will focus on weaving contracting into the third-party lifecycle to limit risk exposure while automating processes. You will learn:

  • • How to align third-party risk management and contracting/procurement teams
  • • Insights on types of risk that can be managed through contracting
  • • Best practices to limit risk exposure through contracting
  • • Ways to monitor your third parties and their contractual obligations
Speakers:
  • Shea Hanson
    Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
    Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
    View full bio
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is the CEO of Shared Assessments, a global membership organization that supports hundreds of companies, risk programs, and thousands of associated third-party and other risk professionals. As a risk practitioner and executive, he has driven a culture of accountability and diligence in safeguarding information and other assets for organizations and their third parties. He has more than 25 years of experience in risk management and information security. Prior to joining Shared Assessments in 2022, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone for four years, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm. Prior to Blackstone, he worked at BlackRock from 2010-18, where he first joined and then eventually led the firm’s Vendor Risk Management team. Before that, Andrew worked at Citigroup nine years, finishing as a Senior Vice President and Business Information Security Officer in Global Fixed Income, leading onsite third-party risk assessments across the United States, Europe, and Asia.
    View full bio
Register to Watch

Demo

Quick SIG Demo

This is a quick introduction to the Standardized Information Gathering (SIG) Questionnaire. In less than 15 minutes, this recording presents how to:
  • Scope questionnaires using the SIG
  • Use the customizable Content Library
  • Automatically review and grade completed SIG questionnaire responses
  • Benefit from administrative functionalities to manage the data within SIGs
    • Note: CPE credits are not available for this session.
    Register to Watch

    Webinar

    Webinar – Out of the DARk: Shining Light on the Ransomware Threat

    In today’s digital age, cyber threats are a rising concern to organizations, ransomware being one of the most insidious of those threats. Join subject matter experts from Shared Assessments and Digital Asset Redemption, a compliance-focused service provider to companies involved in cybersecurity incident response, for a discussion on the current ransomware threat landscape, and ways to protect, defend, and respond to those threats. About Digital Asset Redemption: DAR aims to be the light that shines through the shadows of blackmail, spanning the shortest distance between cyber incident and response. We champion a suite of personalized, protective, precise Payment Solutions to provide a clear, confident response in times of duress.
    Register to Watch

    Webinar

    Simplify Reporting Against the 5 Most Impactful Third-Party Risk Management Regulations

    This session explores how to simplify meeting reporting obligations for the most impactful third-party risk management regulations and requirements including GDPR, CCPA, HIPAA, and SOX. The right risk strategies empower organizations with frameworks to manage risk appropriately. Panelists will examine the complexities of third-party risk reporting and provide insight into practical tools and techniques (such as the Shared Assessments SIG) to improve reporting processes and outcomes.
    Speakers:
    • Alastair Parr
      Senior Vice President, Global Products & Risk, Prevalent
      Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.
      View full bio
    • Ron Parham
      Vice President of Risk Regulations & Compliance, Shared Assessments
      Ronald Parham is the Vice President of Risk Regulations & Compliance at Shared Assessments where he manages regulatory mapping where he provides members with materials to assist them and their third-party partners in navigating the risk and regulatory landscape.
      View full bio
    Register to Watch

    Webinar

    5 Best Practices for Streamlining Your Third-Party Risk Management Workflows

    Time is a valuable resource, especially when trying to manage a third-party risk program at scale. With countless third parties to manage, hundreds of assessments to send, and even more risks to analyze, how do you keep up?

    Streamlined workflows throughout the third-party risk management (TPRM) lifecycle, from onboarding to offboarding, can create a sense of order and accountability. This session will explore best practices relating to:

    • • Workflow development and accounting for abnormal situations ​
    • • Defining stakeholder roles and ensuring accountability ​
    • • Methods for improving collaboration and communication ​
    • • Metrics to track to identify workflow bottlenecks
    Speakers:
    • Shea Hanson
      Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
      Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
      View full bio
    • Colleen Milazzo
      Senior Vice President, TPR Software Products, Shared Assessments
      Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
      View full bio
    Register to Watch

    Webinar

    Journey to Standardization

    Shared Assessments will provide guidance to program managers and risk professionals for optimizing the efficiency and maturation of strategic supplier management programs. Examining how standards and regulations can align, we will cover how to drive the integrated acceptance of standard risk frameworks and diligence practices. This session will illuminate how to establish a common set of third-party diligence and management frameworks with a focus on Cyber, ESG, and Privacy Standards.
    Speakers:
    • Andrew Moyad
      CEO, Shared Assessments
      Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
      View full bio
    Register to Watch
    1 2 3 4 5 9