On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

RECEIVE CPES Contact Us

Webinar

Webinar

5 Best Practices for Streamlining Your Third-Party Risk Management Workflows

Time is a valuable resource, especially when trying to manage a third-party risk program at scale. With countless third parties to manage, hundreds of assessments to send, and even more risks to analyze, how do you keep up?

Streamlined workflows throughout the third-party risk management (TPRM) lifecycle, from onboarding to offboarding, can create a sense of order and accountability. This session will explore best practices relating to:

  • • Workflow development and accounting for abnormal situations ​
  • • Defining stakeholder roles and ensuring accountability ​
  • • Methods for improving collaboration and communication ​
  • • Metrics to track to identify workflow bottlenecks
Speakers:
  • Shea Hanson
    Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
    Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Journey to Standardization

Shared Assessments will provide guidance to program managers and risk professionals for optimizing the efficiency and maturation of strategic supplier management programs. Examining how standards and regulations can align, we will cover how to drive the integrated acceptance of standard risk frameworks and diligence practices. This session will illuminate how to establish a common set of third-party diligence and management frameworks with a focus on Cyber, ESG, and Privacy Standards.
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
    View full bio
Register to Watch

Webinar

Debunking Vendor Cybersecurity Myths

From speculating that vendors have terrifying security posture to guessing that vendors have water-tight security practices, organizations make assumptions around cybersecurity too often. What does the cybersecurity standing between business and their vendors actually look like? In a new study, RiskRecon by Mastercard and Cyentia Institute examine security assessments across more than 50,000 B2B relationships. Through this data, this session will illustrate:
  • • The likelihood of your firm or a firm you are working being involved in a breach event
  • • How firms can be exposed to a variety of new security risks via third parties
  • • The impact of poor assessment practices on your cybersecurity standing
Speakers:
  • David F. Severski
    Senior Security Data Scientist, Cyentia
    David F. Severski is an information security data scientist, specializing in quantified risk management. He has provided risk management expertise across diverse industries—retail, aerospace, finance, energy, and healthcare. Severski brings both broad and deep expertise in a number of technical areas with a special focus on cloud technologies and DevOps practices. He strives to combine rigorous methods, technical expertise, and a human-centered approach to advance the state of evidence-based information security risk management.
    View full bio
  • Nasser Fattah
    Senior Consultant, Shared Assessments
    Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.
    View full bio
Register to Watch

Webinar

ESG SIG Product Launch Webinar

In this session, we will show the ESG SIG product alongside a discussion of use cases, key features and benefits. We will touch on the regulations, standards and frameworks mapped to by the ESG SIG and learn how this solution was made.
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Top 5 Tips to Scale Your Third-Party Security Risk Program

The “cloud-first” strategy at many companies today translates into an ever-increasing number of third-parties, and even greater number of risks. While cybersecurity technology is better than ever, in a world where so much of every business operation is outsourced, your third-parties’ attack surface is your attack surface -- and your existing cyber stack may not help you. This webinar will explore the top 5 tips to effectively scale a third-party cyber risk management program in order to manage the mounting number of third-parties
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Dov Goldman
    Director of Risk and Compliance, Panorays
    Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
    View full bio
Register to Watch

Webinar

Diverging Paths in ESG Regulation?

We’ll discuss:

  • • Why ESG matters to third party (and Nth party) risk management
  • • EU and German Supply Chain Due Diligence Regulations (environment and human rights) and what sets them apart from other ESG regulations
  • • Newly approved EU Corporate Sustainability Reporting Regulation and SEC Climate Reporting proposal
  • • ESG and the U.S. 2024 election’s impact on regulations
  • • ESG Standards consolidation – ISSB
  • • Proposed New York State Department of Financial Service Guidance for New York State Regulated Banking and Mortgage Institutions Relating to Management of Material Financial Risks from Climate Change and existing Insurance industry guidance
  • • Bank of England observations on climate related risks

And more!

Speakers:
  • Gary Roboff
    Senior Advisor, Shared Assessments
    Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Determining the Risk of Critical Third Parties

Leveraging third parties can lead to significant efficiencies, but it is not without risk. This session will explore criteria used to establish inherent risk and provide approaches for assessing a critical third-party relationship.

Panelists will share the results of a recent Shared Assessments Critical Third-Party Survey covering TPRM processes including: Risk Tiering Techniques; Inherent Risk Criteria; Critical Third Party Criteria; Number of Critical Third Parties and Assessment Timeframe Approvals. Additionally, panelists will highlight work being done by Shared Assessments members on an Inherent Risk Product.

Note: You can review our Corporate Due Diligence blog and download our responses to regulation enhancements requested by:

  • • Prudential Regulatory Authority - Operational Resilience: Critical Third Parties to the UK Financial Sector;
  • • NYS- Department of Financial Services - Cybersecurity Requirements;
  • • Security Exchange Commission - Rule on Outsourcing by Investment Advisors
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Hannah Ford
    Risk Manager - Supply & Third Party Risk Intelligence, Supply Wisdom
    Hannah is a Certified Third Party Risk Professional with over a decade of experience in the field of risk analysis, management, and mitigation. As a manager on the Supply Wisdom Risk & Resilience team, she uses her experience as a practitioner and manager of risk assessment and mitigation processes to help her team optimize the future of active, continuous risk management.
    View full bio
Register to Watch

Webinar

Top 5 Ways to Make your Business More Resilient in 2023

A year marked by an increase in supply chain disruptions, 2022 left many organizations reeling in its aftermath. The New Year offers a chance for companies to prepare for a new wave of disruption and threats to business resiliency from economic headwinds, supply chain shortages, geopolitical events, and increased regulatory scrutiny.

This webinar will explore the top ways risk professionals can improve resiliency. Participants will learn practical ways to identify and manage threats posed by Nth Parties, understand and prepare for heightened ESG regulations, and identify cascading risk events that could signal a looming cyber-related disruption.

Speakers:
  • Jenna Wells
    Global Head Of Customer Experience, Supply Wisdom
    A Boston native, Jenna graduated from Purdue University as a Distinguished Military Graduate. Upon graduation she was commissioned as an Officer in the United States Marine Corps and went on to serve on active duty as a Signals and Ground Electronic Intelligence Officer. Jenna trained at the Navy and Marine Corps Intelligence Training Center at Dam Neck, Virginia and at the National Security Agency in Baltimore, Maryland before deploying to Afghanistan in support of Operation Enduring Freedom. After transitioning from active duty, Jenna joined Wellington Management, where she was an AVP, Manager, Third Party Risk Management. While at Wellington, Jenna oversaw a 24/7 Global Command Center and managed their global risk command and third-party assessment process. Jenna then joined Iron Mountain as their Director of Third-Party Risk Management, where she was responsible for overseeing the implementation, regulation, and global management of their third-party ecosystem, which is across 50 plus countries.

    Jenna manages the Customer Success and Risk & Resilience teams at Supply Wisdom and is a Certified Third-Party Risk Professional.

    View full bio
  • Tom Garrubba
    Director, TPRM Professional Services, Echelon Risk + Cyber
    Tom Garrubba is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.
    View full bio
Register to Watch

Webinar

Best Practices for Effective Third-Party Security Risk Management

InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches: implementing a comprehensive and efficient third-party security risk management (TPRSM) process. This webinar will explore the challenges surrounding third-party security and provide steps for efficient and effective TPSRM.

This session will cover:

    • Why third-party information security is more challenging now than before
    • Essentials in the third-party security risk management process and what common gaps
    • Guidance for CISOs to ensure third parties comply with regulatory requirements
    • Automation of third-party security (Is it possible to assess a third party’s attack surface with an automated platform?)
    • Communication with vendors to remediate cyber gaps
    • Onboarding new suppliers securely
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments, Shared Assessments
    Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
    View full bio
  • Dov Goldman
    Director of Risk and Compliance, Panorays
    Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
    View full bio
Register to Watch
1 3 4 5

About Us

Our Policies

Keep In Touch

Sign up to receive the latest information about upcoming events, releases, and offers for our risk management community.
© 2026 Shared Assessments LLC