On Demand Events

The lock down caused by the pandemic has forced all companies to deploy some type of virtual work force, effectively eliminating the ability to conduct on-site risk control assessments. How have risk professionals and TPRM programs pivoted to address these changes? What is the impact on third party assurance testing (e.g., SOC, PCI, etc.) and evaluations been impacted? We will discuss the methods currently being used to perform risk control assessments virtually and other creative ways third party risk is being managed today.

Even without a global pandemic impacting supply chains, vendor business resilience and availability should be top-of-mind for all organizations. Vendor business resilience plans should be revisited regularly to ensure they are always up-to-date but many organizations lack a repeatable process to guide their review. This session will identify 5 critical steps every risk management team should take to regularly update and improve their vendor business resilience plans.

These steps include:

• -How to perform and update your Business Impact Assessment (BIA)
• -Ensuring your IT Resilience and Availability strategy matches your Operational Resilience strategy
• -Revisiting your Service Level Agreements (SLAs) and prioritizing them
• -How immutable storage protects your backups from tampering
• -The importance of testing incident management protocol with your hosted providers

Note: CPE credits are not available for this session.

We hear the same common challenges from third party risk managers implementing Continuous Monitoring into their programs. In this session we will hear from third party risk and Continuous Monitoring experts on how to optimize your program.

Note: CPE credits are not available for this session.

The impact of Environmental, Social and Governance (ESG) requirements on outsourcers and third parties is rapidly unfolding. Shared Assessments SMEs will review plans underway to understand and meet our member needs, including a preview of ESG in the 2022 TPRM Tools.

In third party risk circles, successful partnerships are not just about cultivating outsourced relationships - successful partnerships are about internal relationships as well. The symbiotic relationship between the TPRM Program and Procurement helps drive value to the organization by weeding out prospects with poor cyber hygiene, enabling a quicker assessment turnaround time for legitimate vendors. In this session, third party risk professionals will discuss the successes and strategies they have employed to partner and support one another's efforts.

Note: CPE credits are not available for this session.

Join Shared Assessments CEO Cathy Allen and OneTrust CEO Kabir Barday as they discuss how Shared Assessments plans to grow as a part of OneTrust. The two will cover: - Why the market needs third-party risk standardization - Plans to make the SIG the global standard for third-party risk - How Shared Assessments will continue to operate as a vendor-neutral industry organization - The (bigger and better!) future of the Shared Assessments Summit, certifications, toolkits, and more

Learn about the threat landscape and response playbook for ransomware. Shared Assessments’ experts will cover assessments and the paths to data recovery.

Join us for a conversation with Iron Mountain’s Dave O’Connor based on their member case study. Dave will discuss, with LPL Financial's Brad Keller, how Iron Mountain has been able to drive acceptance of the SIG, create efficiencies using standardized evidence documents and work internally across departments to keep information up-to-date for timely response to requests.

2020 was an unprecedented year for supply chain disruptions. And while we could not have foreseen the impact that the pandemic would have on our third-party relationships, there are several lessons to be learned to prevent similar failures from happening in the future. Join Shared Assessments and Prevalent as we examine the impact of the pandemic on each phase of the third-party lifecycle and review the top 5 lessons learned.

Members from the Shared Assessments Best Practices for TPRM & Assurance Awareness Group will discuss their recent briefing paper release providing a foundation for a more robust TPRM style that applies complex adaptive systems to the field of risk management.