On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

RECEIVE CPES Contact Us

Webinar

Webinar

Debunking Vendor Cybersecurity Myths

From speculating that vendors have terrifying security posture to guessing that vendors have water-tight security practices, organizations make assumptions around cybersecurity too often. What does the cybersecurity standing between business and their vendors actually look like? In a new study, RiskRecon by Mastercard and Cyentia Institute examine security assessments across more than 50,000 B2B relationships. Through this data, this session will illustrate:
  • • The likelihood of your firm or a firm you are working being involved in a breach event
  • • How firms can be exposed to a variety of new security risks via third parties
  • • The impact of poor assessment practices on your cybersecurity standing
Speakers:
  • David F. Severski
    Senior Security Data Scientist, Cyentia
    David F. Severski is an information security data scientist, specializing in quantified risk management. He has provided risk management expertise across diverse industries—retail, aerospace, finance, energy, and healthcare. Severski brings both broad and deep expertise in a number of technical areas with a special focus on cloud technologies and DevOps practices. He strives to combine rigorous methods, technical expertise, and a human-centered approach to advance the state of evidence-based information security risk management.
    View full bio
  • Nasser Fattah
    Senior Consultant, Shared Assessments
    Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.
    View full bio
Register to Watch

Webinar

ESG SIG Product Launch Webinar

In this session, we will show the ESG SIG product alongside a discussion of use cases, key features and benefits. We will touch on the regulations, standards and frameworks mapped to by the ESG SIG and learn how this solution was made.
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Top 5 Tips to Scale Your Third-Party Security Risk Program

The “cloud-first” strategy at many companies today translates into an ever-increasing number of third-parties, and even greater number of risks. While cybersecurity technology is better than ever, in a world where so much of every business operation is outsourced, your third-parties’ attack surface is your attack surface -- and your existing cyber stack may not help you. This webinar will explore the top 5 tips to effectively scale a third-party cyber risk management program in order to manage the mounting number of third-parties
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Dov Goldman
    Director of Risk and Compliance, Panorays
    Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
    View full bio
Register to Watch

Webinar

Diverging Paths in ESG Regulation?

We’ll discuss:

  • • Why ESG matters to third party (and Nth party) risk management
  • • EU and German Supply Chain Due Diligence Regulations (environment and human rights) and what sets them apart from other ESG regulations
  • • Newly approved EU Corporate Sustainability Reporting Regulation and SEC Climate Reporting proposal
  • • ESG and the U.S. 2024 election’s impact on regulations
  • • ESG Standards consolidation – ISSB
  • • Proposed New York State Department of Financial Service Guidance for New York State Regulated Banking and Mortgage Institutions Relating to Management of Material Financial Risks from Climate Change and existing Insurance industry guidance
  • • Bank of England observations on climate related risks

And more!

Speakers:
  • Gary Roboff
    Senior Advisor, Shared Assessments
    Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Determining the Risk of Critical Third Parties

Leveraging third parties can lead to significant efficiencies, but it is not without risk. This session will explore criteria used to establish inherent risk and provide approaches for assessing a critical third-party relationship.

Panelists will share the results of a recent Shared Assessments Critical Third-Party Survey covering TPRM processes including: Risk Tiering Techniques; Inherent Risk Criteria; Critical Third Party Criteria; Number of Critical Third Parties and Assessment Timeframe Approvals. Additionally, panelists will highlight work being done by Shared Assessments members on an Inherent Risk Product.

Note: You can review our Corporate Due Diligence blog and download our responses to regulation enhancements requested by:

  • • Prudential Regulatory Authority - Operational Resilience: Critical Third Parties to the UK Financial Sector;
  • • NYS- Department of Financial Services - Cybersecurity Requirements;
  • • Security Exchange Commission - Rule on Outsourcing by Investment Advisors
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Hannah Ford
    Risk Manager - Supply & Third Party Risk Intelligence, Supply Wisdom
    Hannah is a Certified Third Party Risk Professional with over a decade of experience in the field of risk analysis, management, and mitigation. As a manager on the Supply Wisdom Risk & Resilience team, she uses her experience as a practitioner and manager of risk assessment and mitigation processes to help her team optimize the future of active, continuous risk management.
    View full bio
Register to Watch

Webinar

Top 5 Ways to Make your Business More Resilient in 2023

A year marked by an increase in supply chain disruptions, 2022 left many organizations reeling in its aftermath. The New Year offers a chance for companies to prepare for a new wave of disruption and threats to business resiliency from economic headwinds, supply chain shortages, geopolitical events, and increased regulatory scrutiny.

This webinar will explore the top ways risk professionals can improve resiliency. Participants will learn practical ways to identify and manage threats posed by Nth Parties, understand and prepare for heightened ESG regulations, and identify cascading risk events that could signal a looming cyber-related disruption.

Speakers:
  • Jenna Wells
    Global Head Of Customer Experience, Supply Wisdom
    A Boston native, Jenna graduated from Purdue University as a Distinguished Military Graduate. Upon graduation she was commissioned as an Officer in the United States Marine Corps and went on to serve on active duty as a Signals and Ground Electronic Intelligence Officer. Jenna trained at the Navy and Marine Corps Intelligence Training Center at Dam Neck, Virginia and at the National Security Agency in Baltimore, Maryland before deploying to Afghanistan in support of Operation Enduring Freedom. After transitioning from active duty, Jenna joined Wellington Management, where she was an AVP, Manager, Third Party Risk Management. While at Wellington, Jenna oversaw a 24/7 Global Command Center and managed their global risk command and third-party assessment process. Jenna then joined Iron Mountain as their Director of Third-Party Risk Management, where she was responsible for overseeing the implementation, regulation, and global management of their third-party ecosystem, which is across 50 plus countries.

    Jenna manages the Customer Success and Risk & Resilience teams at Supply Wisdom and is a Certified Third-Party Risk Professional.

    View full bio
  • Tom Garrubba
    Director, TPRM Professional Services, Echelon Risk + Cyber
    Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.
    View full bio
Register to Watch

Webinar

Best Practices for Effective Third-Party Security Risk Management

InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches: implementing a comprehensive and efficient third-party security risk management (TPRSM) process. This webinar will explore the challenges surrounding third-party security and provide steps for efficient and effective TPSRM.

This session will cover:

    • Why third-party information security is more challenging now than before
    • Essentials in the third-party security risk management process and what common gaps
    • Guidance for CISOs to ensure third parties comply with regulatory requirements
    • Automation of third-party security (Is it possible to assess a third party’s attack surface with an automated platform?)
    • Communication with vendors to remediate cyber gaps
    • Onboarding new suppliers securely
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments, Shared Assessments
    Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
    View full bio
  • Dov Goldman
    Director of Risk and Compliance, Panorays
    Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
    View full bio
Register to Watch

Webinar

New 2023 Product Suite: Standardized Excellence To Meet Today’s Risk Environment

Shared Assessments has updated and upgraded the 2023 Third Party Risk Management Product Suite to align with a changing regulatory and threat environment. Content has been adjusted to focus on Cybersecurity, Data Governance, Operational Risk, and Resilience. This session includes full details about updates and upgrades to the SIG, SCA, VRMMM, Data Governance Tools, including content organization and updates to industry and regulatory standards.

Cost: Free / Credits: 1 CPE
Speakers:
  • Christopher Campbell
    Manager of Sales, Shared Assessments
    Christopher has almost 20 years of experience in sales, customer relations, and corporate operations, including key sales and support roles in various industries ranging from health and fitness to construction. At Shared Assessments, he is responsible for member service, market research, program development, prospective member outreach, membership renewals, and is dedicated to helping members optimize their SIG.
    View full bio
  • Andy Hout
    Vice President, Tool Development & Implementation, Shared Assessments
    Andy has more than 30 years in data communications/information security and is familiar with all types of systems and transport technologies. Using this knowledge, Andy has conducted hundreds of vendor assessments and implemented vendor risk management programs for several large clients.
    View full bio
Register to Watch

Webinar

Exchange/Assessment Efficiency

The increased focus on efficiency of Third-Party Risk control assessments, performed on vendors and supply chains requires all organizations to improve their use and integration of products, techniques, and technologies. Regulators are increasing their focus on nth parties and recognize the increased need for more collaboration. This webinar will examine the benefits and challenges of using assessment exchanges and seek to provide guidance to organizations using and or considering the use of a TPRM exchange.
Speakers:
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Chris Paterson
    Director of Strategy, Third-Party Risk CIPP/E, CIPM, FIP, OneTrust
    Chris Paterson serves as Director of Strategy, Third-Party Risk Management at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In his role, Chris supports the OneTrust GRC & Security Assurance Cloud where he advises companies on how to reduce third party risks and build mutual trust between the business and its vendors. Chris is a Certified Information Privacy Professional and holds CIPP/E, CIPM certifications from the IAPP.
    View full bio
  • Jonathan Dambrot
    Principal, Cyber Security Services, KPMG
Register to Watch

Webinar

The 5 Criteria Essential for Long-Term Third-Party Risk Management Program Success

Your third-party risk management program is on solid footing and bringing in short term success. But how do you keep the momentum going? What does a dynamic, agile program look like? Join Tom Garrubba, Vice President of Shared Assessments, and Alastair Parr, Senior Vice President of Global Products & Services at Prevalent, as they:

  • • Discuss pragmatic, actionable long-term TPRM program goals
  • • Review considerations for appropriate resource planning and constraint management
  • • Show you best practices for business engagement and data collection
  • • Assess mechanisms for improving vendor interaction
  • • Explore how to create consistency in metrics for analysis and reporting
Speakers:
  • Tom Garrubba
    Director, TPRM Professional Services, Echelon Risk + Cyber
    Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.
    View full bio
  • Alastair Parr
    Senior Vice President, Global Products & Risk, Prevalent
    Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.
    View full bio
Register to Watch
1 2 3 4 5 6 9