On Demand Events

Third party risk management programs are being tasked to assist their organizations' ESG (environmental, social, and governance) efforts with their most critical suppliers and vendors, leaving TPR teams scratching their collective heads and asking “what does this mean to me?” Shared Assessments and ESG experts will help answer this and other ESG risk questions as the industry navigates this new and winding road.

Shared Assessments members will hear from fellow member Marco Baren, Head of Supplier Development/Supplier Sustainability and Operational Excellence at Royal Philips. Philips is a widely recognized Environmental Social Governance (ESG) leader with a long-term, and very successful, focus on sustainability. Marco will recount Philips' sustainability journey and explain how and why the firm moved away from a pure supplier audit approach to become sustainability partners with so many of its suppliers. These partnerships have generated sufficient data and analytical insight to predict sustainability scores, a groundbreaking step and another move towards full transparency. All based on some simple lean principles, applied in a rigid way!

Large scale supply chain disruptions. Ransomware attacks. SolarWinds. Kaseya. Remote assessments for the time being. The third-party risk climate is continually changing – but how has your organization adapted and what will the next 12 months look like for your team? Join Alastair Parr, SVP Products & Risk, Prevalent, and Tom Garrubba, Shared Assessments Vice President, as they discuss the new normal in third-party risk management.

This webinar will:

• • Review effective remote assessment methodologies
• • Examine the value of proactive event management to head off potential security incidents
• • Discuss ways to assess supply chain resilience to improve assurance
• • Identify how to develop stronger third-party situational awareness
• • Define and map key controls to ensure vendors stay on track

This webinar will provide a roadmap for tackling whatever comes next.

We expect an increase of distributed ledger and blockchain use by organizations, third parties and across supply chains given the efficiencies and benefits they provide. Presenters will give an introduction and high-level awareness of potential risks and opportunities as they move through your ecosystem and specifically how they may impact your Third Party Risk Management program.

Outsourcers and vendors suffer when targeted performance goals are not met, often forcing a termination of the relationship. This webinar will focus on strengthening contract language to ensure that you have set attainable KPIs, your vendor can meet regulations, and that enforcement will optimize vendor performance.

The threats faced by critical infrastructure sectors are virtually the same facing all industries. Members will hear from two experts from the financial services and critical manufacturing sectors about how they deal with those threats.

With the recent cyber attack on food supply giant JBS, ransomware has officially become a topic of dinner table discussion. As ransomware continues to dominate headlines and draw federal and international attention, the Shared Assessments Program will share trends and provide strategies for dealing with these devastating attacks on your organization and your suppliers and vendors.

The lock down caused by the pandemic has forced all companies to deploy some type of virtual work force, effectively eliminating the ability to conduct on-site risk control assessments. How have risk professionals and TPRM programs pivoted to address these changes? What is the impact on third party assurance testing (e.g., SOC, PCI, etc.) and evaluations been impacted? We will discuss the methods currently being used to perform risk control assessments virtually and other creative ways third party risk is being managed today.

Even without a global pandemic impacting supply chains, vendor business resilience and availability should be top-of-mind for all organizations. Vendor business resilience plans should be revisited regularly to ensure they are always up-to-date but many organizations lack a repeatable process to guide their review. This session will identify 5 critical steps every risk management team should take to regularly update and improve their vendor business resilience plans.

These steps include:

• -How to perform and update your Business Impact Assessment (BIA)
• -Ensuring your IT Resilience and Availability strategy matches your Operational Resilience strategy
• -Revisiting your Service Level Agreements (SLAs) and prioritizing them
• -How immutable storage protects your backups from tampering
• -The importance of testing incident management protocol with your hosted providers

Note: CPE credits are not available for this session.

We hear the same common challenges from third party risk managers implementing Continuous Monitoring into their programs. In this session we will hear from third party risk and Continuous Monitoring experts on how to optimize your program.

Note: CPE credits are not available for this session.