On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

All On-demand Events

Unifying Your Response to Interagency Guidance: A Cross-Domain, Cross-Department Approach

The Federal Reserve Board (the Board), Federal Deposit Insurance Corporation (FDIC), and Office of the Comptroller of the Currency (OCC) collectively introduced the Interagency Guidance on Third-Party Relationships: Risk Management. In June 2023, the guidance officially became effective – you’re now expected to comply. So, what do you do? This session will provide a structured roadmap for understanding and responding to the interagency guidance. This webinar will equip attendees with insights into:

  • • Awareness of the Guidance: Deep dive into the essence of the guidance and its implications.
  • • Understanding Gaps: Evidence-based strategies to identify and bridge gaps in existing programs.
  • • Road Map to Operationalization: Practical recommendations and actionable plans for a seamless integration.
Speakers:
  • Chris Johnson
    Senior Advisor, Shared Assessments
    Chris is a Senior Advisor to Shared Assessments where he focuses on healthcare, financial services, and emerging technologies. He has more than 25 years of experience helping clients effectively manage risk while exhibiting a passionate and dynamic leadership style. Prior to joining Shared Assessments, Chris led third party risk management and information technology initiatives at Bristol Myers Squibb, Bank of America, Merrill Lynch, KPMG, and Marriott International.
    View full bio
  • Tammy Knies
    Head of Vendor Risk, Live Oak Bank
    Tammy is a seasoned Third-Party Risk professional. She spent many years as SVP of Vendor Management and Procurement at People’s United Bank, a 62B Financial Institution, prior to their sale to M&T Bank almost two years ago. She is now Head of Vendor Management at Live Oak Bank in Wilmington, NC. Tammy currently is a council member of Canapi’s Vendor Management Council and a long-standing member of Shared Assessments. She resides in NC with her husband.
    View full bio
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is the CEO of Shared Assessments, a global membership organization that supports hundreds of companies, risk programs, and thousands of associated third-party and other risk professionals. As a risk practitioner and executive, he has driven a culture of accountability and diligence in safeguarding information and other assets for organizations and their third parties. He has more than 25 years of experience in risk management and information security.
    View full bio
Register to Download
Register to Watch

November Member Forum Call – Product Release Review

This session will feature an overview of the 2024 Shared Assessments Product Suite as well as the brand-new Third-Party Service Inherent Risk Rating (TPSIRR) solution. We will review current regulations covered by the Standardized Information Gathering (SIG) Questionnaire and explore our newest risk domains (AI and Supply Chain Risk). Members will be the first to receive the special overview and demo.
Become a Member to Download
Become a Member to Watch

Operationalizing Geopolitical Risk Analysis for Effective Enterprise Decision Making

In today's interconnected world, geopolitical risk can have a significant impact on businesses of all sizes. This webinar will explore how to operationalize geopolitical risk analysis to make better decisions for your organization. Participants will learn how to:
  • • Define "geopolitics" in the context of risk management
  • • Adapt your approach to geopolitical risk by building the necessary frameworks
  • • Explore the processes, tools, and technology for decision making in a new era of uncertainty
Speakers:
  • John Bree
    Chief Evangelist & Chief Risk Officer, Supply Wisdom
    John is Chief Evangelist & Chief Risk Officer with Supply Wisdom, the leading patented continuous risk intelligence and monitoring solution for third parties and locations. He is recognized as a global financial industry executive and risk subject matter expert, in vendor/third-party risk management, AML/CTF, KYC, and anti-fraud programs. Prior to joining Supply Wisdom, John held senior positions globally for Citi and Deutsche Bank covering corporate, investment, commercial and consumer banking. He has managed global staffs and corresponding budgets in multiple locations and delivered cost efficient and operationally effective programs ensuring compliance with local and global regulatory requirements. Through interaction with Business Units, Internal Audit and regulatory agencies, John resolved MRIAs, MRAs and Findings, on time and without penalty John is a member of the Shared Assessments US and UK Steering Committees and Co-Chair of the Financial Industry Vertical Strategy Group.
    View full bio
  • Victor Meyer
    Chief Strategy Officer, Supply Wisdom
    Victor Meyer is the Chief Strategy Officer and Head of EMEA for risk intelligence firm Supply Wisdom. He was formerly Group Head of Operational Risk Management and Strategic Intelligence at Deutsche Bank. Prior to joining Deutsche Bank, Victor was a U.S. Navy SEAL and was awarded the Bronze Star with Combat “V.” 

Victor holds a BA in Physics from the US Naval Academy, studied National Security Affairs at the U.S. Naval War College and holds a joint Masters in Business Administration degree from New York University’s Stern School of Business, HEC School of Management in Paris and the London School of Economics and Political Science, where he was formerly guest lecturer on financial crime. He is a former Vice-Chairman of the World Economic Forum's Global Agenda Councils for Pandemic, and Catastrophic Risk.
    View full bio
Register to Download
Register to Watch

Webinar – Utilizing Inherent Risk for More Efficient Third-Party Management

To build an efficient third-party risk management (TPRM) program, its critical to prioritize which vendors and suppliers present the most risk, as well as which ones are essential to your operations. By understanding where to prioritize your time, you can onboard key vendors faster, spend the right amount time performing due diligence, and invest the most resources assessing and monitoring the third parties that matter most. In this webinar, you’ll learn:
  • • Ways to determine inherent risk and how it provides value
  • • Determine the type, depth, and level of validation for vendor assessments
  • • Tier your third parties by criticality
  • • Streamline and scale your TPRM program
Speakers:
  • Shea Hanson
    Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
    Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Nasser Fattah
    Senior Consultant, Shared Assessments
    Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.
    View full bio
Register to Download
Register to Watch

October Member Forum Call – Framework for Managing Third Party Reputation Risk: Identifying, Assessing, Reporting, Mitigating, and Monitoring

This session introduces Shared Assessments Framework for Managing Third Party Reputation Risk. The panel will discuss how the framework fosters synergies across disciplines to best manage the fact that all aspects of third party services have the potential to impact reputation—such as product quality/safety; cybersecurity; and physical security, privacy, and ESG practices, including fair labor practices.
Speakers:
  • Marya Roddis
    Senior Technical Editor & Founder, Technical Consulting Firm, S.U.N.
    Marya Roddis is a senior technical and grant writer providing high quality business, communications, management, design and education support services to public and private, for-profit and non-profit organizations and agencies. She is the former VP of Technical Writing for Shared Assessments and has served in administrative, technical, and teaching capacities in varied settings including University of Alaska Institute of Northern Forestry and the Medical Identity Fraud Alliance.
    View full bio
  • Kaelyn Lewis
    Vendor Risk Manager, Global Federal Credit Union
    Vendor Risk Manager for Global Federal Credit Union and Co-Chair of the Shared Assessments Global TPRM Best Practices Committee.
    View full bio
  • David A. McCrory
    Senior Manager, Technology Risk Management & Controls, Ontario Teachers’ Pension Plan Board
    Senior Manager, Technology Risk Management & Controls, Ontario Teachers’ Pension Plan Board and member of the Shared Assessments Global TPRM Best Practices Committee.
    View full bio
  • Marc Weinberg
    VP, Vendor Risk Management, Commerzbank AG, New York Branch
    Marc Weinberg is VP, Vendor Risk Management at Commerzbank AG, New York Branch. His experience includes Sarbanes-Oxley compliance, systems implementation, information security, and vendor management. He holds CTPRP, CTPRA, and Open FAIRTM certifications, among others. He earned his bachelor’s in Accounting at Binghamton University, and his MBA in Finance at CUNY Baruch College
    View full bio
Become a Member to Download
Become a Member to Watch

Webinar – Key Metrics to Measure and Communicate Third-Party Risk

With the unprecedented growth of vendor data breaches and supply chain disruptions, organizational leaders want greater visibility into their third-party ecosystems. Few security and risk professionals know how to effectively communicate third-party risk – often relying on complex, technical, and point-in-time dashboards that can be confusing for board members. This session will examine how to measure and communicate the key TPRM KPIs and KRIs.

This webinar will:

  • • Examine four metrics categories: Risk, Threat, Compliance & Coverage
  • • Define the Key Performance & Key Risk Indicators for each category
  • • Explain which metrics you should share with stakeholders and why
Speakers:
  • Joe Toley
    Compliance Expert & Project Director, Prevalent
    Joe Toley is responsible for ensuring that the demands of the marketspace are considered and applied innovatively within the Prevalent portfolio. He comes from a compliance and IT security background, and with more that 12 years of experience and expertise.
    View full bio
  • Elizabeth Dunsmoor
    TPRM Prinicipal, Shared Assessments
    Elizabeth Dunsmoor recently joined Shared Assessments as a TPRM Principal after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. With a proven ability to oversee and execute long-term operational strategies and methodologies for risk programs, Elizabeth is proficient in a variety of management actions including translating strategies into measurable plans, partnering with Procurement, corporate teams, and firm leaders to develop a pipeline of cross-functional leaders within the risk management function. She now provides training and guidance to business leaders to ensure understanding of program requirements, third-party capabilities, and performance expectations.
    View full bio
Register to Download
Register to Watch

Webinar – Annual Audit Plan: Incorporating TPRM and Enhancing Efficiency and Oversight

As the focus on third-party risks continues to intensify, pressure on internal audit to provide insights into TRPM programs is also increasing. The good news is that third-party risk management tools continue to evolve to make programs more efficient while also enhancing the ability to monitor vendors on an ongoing basis. This session will explore TRPM technologies and ways internal audit departments can provide insights on the performance of a TPRM program.

In this session we will:

  • • Demonstrate uses of technology and automation in the execution of a TPRM program.
  • • Learn how to plan for a TPRM audit
  • • Describe ways to test the effectiveness of the program
Speakers:
  • Amy Feldman
    Director, Security and Privacy Risk Consulting, RSM
    Amy currently serves as a director in RSM’s independent security controls practice, focusing on third-party risk management services. With over 10 years of experience consulting in security, privacy, and risk management services across a variety of industries, Amy focuses on helping her clients build, implement, and assess their third-party risk management programs aligning to industry best practices as defined by Shared Assessments, the Third Party Risk Association, and a variety of governance frameworks and compliance requirements. Prior to following her passion in third-party risk management, Amy oversaw the project management office (PMO) for security and privacy risk consulting where she was responsible for the centralized and coordinated management of consulting processes and delivery of engagements within the security and privacy risk consulting practice.
    View full bio
  • Oliver Snavely
    Private Equity Lead, Risk Consulting, RSM
    Oliver provides risk advisory, process improvement, internal audit, and third-party risk management services. His experience has crossed a number of industries including technology, telecommunications, media, real estate, and life science. Additionally, Oliver has provided audit and consulting services to private equity fund portfolio companies across industries and focuses on key areas that drive value creation such as process optimization and risk mitigation. Oliver is a private equity and third-party risk management leader within the firm’s Risk Consulting practice.
    View full bio
  • Elizabeth Dunsmoor
    TPRM Principal, Shared Assessments
    Elizabeth Dunsmoor recently joined Shared Assessments as a TPRM Principal after 15 years as a TPRM practitioner. She has experience designing holistic programs and delivering assessment work within the cybersecurity, financial services, manufacturing, and healthcare sectors. With a proven ability to oversee and execute long-term operational strategies and methodologies for risk programs, Elizabeth is proficient in a variety of management actions including translating strategies into measurable plans, partnering with Procurement, corporate teams, and firm leaders to develop a pipeline of cross-functional leaders within the risk management function. She now provides training and guidance to business leaders to ensure understanding of program requirements, third-party capabilities, and performance expectations.
    View full bio
Register to Download
Register to Watch

September Member Forum Call – Explore the Quantum Computing Revolution: Unleashing Unimaginable Data Processing Speeds

Join us as industry experts delve into the impending shifts brought about by quantum computing advancements. Prepare for a future where data processing reaches unprecedented speeds, propelling us into a realm of previously inconceivable simulations. As we hurtle towards 2024 and beyond, discover the essential adaptations required for security and cryptography to remain resilient against this unparalleled computational prowess. Gain exclusive insights and proactive measures from our panelists to navigate the imminent transformation.
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Konstantinos Karagiannis
    Director, Quantum Computing Services, Protiviti
    Konstantinos is the Director of Quantum Computing Services at Protiviti, where he and his team help companies get ready for quantum opportunities and threats. He has been involved in the quantum computing industry since 2012, and in InfoSec since the 90s. Konstantinos is a frequent speaker at RSA, Black Hat, Defcon, and dozens of conferences worldwide. He also hosts The Post-Quantum World podcast.
    View full bio
Become a Member to Download
Become a Member to Watch

Webinar – Beyond the Questionnaire: Tips to Modernize Your TPRM Program

Third-Party Risk Management programs must manage a delicate balance between keeping up with new threats, navigating the evolving regulatory landscape, introducing new technologies, and always trying to do more with less. Join TPRM experts for a discussion on how forward-thinking TPRM teams are managing this balance by incorporating new relationships, technologies and techniques to mature their risk-reduction capabilities. Attend this session for trends, tips and techniques to help you:
  • • Build a strong partnership between procurement and information security to maximize both internal and external risk reduction
  • • Connect your internal controls to those of your vendors for a true assessment of your organization’s preparedness
  • • Leverage expert content, enterprise data and industry subject-matter expertise to reduce workloads, streamline assessments and confirm results are acceptable
  • • Employ artificial risk intelligence to significantly reduce the most time-intensive assessment activities
Speakers:
  • Ed Thomas
    Senior Vice President, ProcessUnity
    Ed Thomas leads ProcessUnity’s marketing team and is responsible for the company’s awareness, demand generation and thought-leadership programs. In his marketing and sales operations roles at ProcessUnity, Cura Software Solutions and OpenPages (now IBM), Ed has helped hundreds of organizations streamline their risk and compliance programs using next-generation automation tools.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Download
Register to Watch

Webinar – The Future of Third Party Risk Management: Navigating the Risk and Reward of AI and Machine Learning

Artificial Intelligence (AI) and Machine Learning (ML) technologies are evolving rapidly, bringing the potential to transform Third Party Risk Programs and paving the way for remarkable efficiencies. With great promise comes significant risk that must be understood and mitigated. Dive into the cutting-edge world of AI and ML solutions for Third Party Risk Management. Panelists will share their expertise and preview Shared Assessments’ AI/ML Risk domain and associated controls aligning with NIST AI RMF.
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Niall Browne
    Senior Vice President and Chief Information Security Officer, Palo Alto Networks
    Niall Browne is the Senior Vice President and Chief Information Security Officer (CISO) at Palo Alto Networks. Niall is passionate about helping secure businesses in the cloud. Virtually every company is going through a digital transformation journey to be able to compete and thrive, e.g. cloud, mobile, IoT, machine learning. At Palo Alto Networks, Niall leads the security team that is responsible for helping secure our services. Before joining Palo Alto Networks, Niall was the CSO of cloud platforms for the past sixteen years, including as the Chief Security Officer (CSO) and Chief Trust Officer at Workday.
    View full bio
  • Phil Bennett
    Manager, Information Security Governance, Horizontal Services, Navy Federal Credit Union, Vienna, Virginia
    Phil has led cyber security advisory and assurance teams in the financial sector since 2002. He has driven innovation in best practices for cyber security third party risk management at a top ten financial sector company. He also led the cyber security team providing input into M&A transactions. In March 2020, he joined the Navy Federal Credit Union in Vienna, Virginia to lead cyber security horizontal governance functions including: metrics and related C-suite reporting, data security event management, phishing, education and awareness, and communications. Phil is passionate about making certain the implementation of cyber security-related governance and risk management solutions, and their operational processes, are practical to consider the organization's business drivers, culture, risk appetite, size, and budget. Phil holds the Certified Information System Security Professional (CISSP), Shared Assessments Certified Third Party Risk Professional (CTPRP), Certified Information Security Manager (CISM) certifications, and the M&A @ Columbia Business School certificate
    View full bio
  • Daniel Christman
    Manager of AI Programs and Co-Founder, Cranium
    Daniel is a Manager of AI Programs and Co-founder of Cranium, the leading AI security and trust platform that spun out of the KPMG Studio in April 2023. Prior to Cranium, Daniel worked in the KPMG Cyber practice focusing on Third Party Security and Risk Management, driving innovative approaches to managing the third-party security lifecycle. While at KPMG, he additionally spearheaded the initiative to establish the AI Security Services practice, building the initial AI security framework for a Fortune 50 Life Sciences client.
    View full bio
Register to Download
Register to Watch
1 2 3 4 5 12