On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

All On-demand Events

Webinar – Beyond the Questionnaire: Tips to Modernize Your TPRM Program

Third-Party Risk Management programs must manage a delicate balance between keeping up with new threats, navigating the evolving regulatory landscape, introducing new technologies, and always trying to do more with less. Join TPRM experts for a discussion on how forward-thinking TPRM teams are managing this balance by incorporating new relationships, technologies and techniques to mature their risk-reduction capabilities. Attend this session for trends, tips and techniques to help you:
  • • Build a strong partnership between procurement and information security to maximize both internal and external risk reduction
  • • Connect your internal controls to those of your vendors for a true assessment of your organization’s preparedness
  • • Leverage expert content, enterprise data and industry subject-matter expertise to reduce workloads, streamline assessments and confirm results are acceptable
  • • Employ artificial risk intelligence to significantly reduce the most time-intensive assessment activities
Speakers:
  • Ed Thomas
    Senior Vice President, ProcessUnity
    Ed Thomas leads ProcessUnity’s marketing team and is responsible for the company’s awareness, demand generation and thought-leadership programs. In his marketing and sales operations roles at ProcessUnity, Cura Software Solutions and OpenPages (now IBM), Ed has helped hundreds of organizations streamline their risk and compliance programs using next-generation automation tools.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar – The Future of Third Party Risk Management: Navigating the Risk and Reward of AI and Machine Learning

Artificial Intelligence (AI) and Machine Learning (ML) technologies are evolving rapidly, bringing the potential to transform Third Party Risk Programs and paving the way for remarkable efficiencies. With great promise comes significant risk that must be understood and mitigated. Dive into the cutting-edge world of AI and ML solutions for Third Party Risk Management. Panelists will share their expertise and preview Shared Assessments’ AI/ML Risk domain and associated controls aligning with NIST AI RMF.
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Niall Browne
    Senior Vice President and Chief Information Security Officer, Palo Alto Networks
    Niall Browne is the Senior Vice President and Chief Information Security Officer (CISO) at Palo Alto Networks. Niall is passionate about helping secure businesses in the cloud. Virtually every company is going through a digital transformation journey to be able to compete and thrive, e.g. cloud, mobile, IoT, machine learning. At Palo Alto Networks, Niall leads the security team that is responsible for helping secure our services. Before joining Palo Alto Networks, Niall was the CSO of cloud platforms for the past sixteen years, including as the Chief Security Officer (CSO) and Chief Trust Officer at Workday.
    View full bio
  • Phil Bennett
    Manager, Information Security Governance, Horizontal Services, Navy Federal Credit Union, Vienna, Virginia
    Phil has led cyber security advisory and assurance teams in the financial sector since 2002. He has driven innovation in best practices for cyber security third party risk management at a top ten financial sector company. He also led the cyber security team providing input into M&A transactions. In March 2020, he joined the Navy Federal Credit Union in Vienna, Virginia to lead cyber security horizontal governance functions including: metrics and related C-suite reporting, data security event management, phishing, education and awareness, and communications. Phil is passionate about making certain the implementation of cyber security-related governance and risk management solutions, and their operational processes, are practical to consider the organization's business drivers, culture, risk appetite, size, and budget. Phil holds the Certified Information System Security Professional (CISSP), Shared Assessments Certified Third Party Risk Professional (CTPRP), Certified Information Security Manager (CISM) certifications, and the M&A @ Columbia Business School certificate
    View full bio
  • Daniel Christman
    Manager of AI Programs and Co-Founder, Cranium
    Daniel is a Manager of AI Programs and Co-founder of Cranium, the leading AI security and trust platform that spun out of the KPMG Studio in April 2023. Prior to Cranium, Daniel worked in the KPMG Cyber practice focusing on Third Party Security and Risk Management, driving innovative approaches to managing the third-party security lifecycle. While at KPMG, he additionally spearheaded the initiative to establish the AI Security Services practice, building the initial AI security framework for a Fortune 50 Life Sciences client.
    View full bio
Register to Watch

Webinar – Where Contracting Fits in the Third-Party Risk Lifecycle: 5 Opportunities for Optimization

Managing the third-party lifecycle involves stakeholders across many business units: information security, privacy, legal, finance, procurement, and others. When these teams collaborate to streamline workflows, efficiency can be realized in contracting and holding third parties accountable for their obligations. This session will focus on weaving contracting into the third-party lifecycle to limit risk exposure while automating processes. You will learn:

  • • How to align third-party risk management and contracting/procurement teams
  • • Insights on types of risk that can be managed through contracting
  • • Best practices to limit risk exposure through contracting
  • • Ways to monitor your third parties and their contractual obligations
Speakers:
  • Shea Hanson
    Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
    Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
    View full bio
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is the CEO of Shared Assessments, a global membership organization that supports hundreds of companies, risk programs, and thousands of associated third-party and other risk professionals. As a risk practitioner and executive, he has driven a culture of accountability and diligence in safeguarding information and other assets for organizations and their third parties. He has more than 25 years of experience in risk management and information security. Prior to joining Shared Assessments in 2022, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone for four years, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm. Prior to Blackstone, he worked at BlackRock from 2010-18, where he first joined and then eventually led the firm’s Vendor Risk Management team. Before that, Andrew worked at Citigroup nine years, finishing as a Senior Vice President and Business Information Security Officer in Global Fixed Income, leading onsite third-party risk assessments across the United States, Europe, and Asia.
    View full bio
Register to Watch

August Member Forum Call – When It’s Time to Say Goodbye: Vendor Exit Strategies and Plans

Creating an effective vendor exit strategy and plan means that when it’s time to part ways with your vendor, your organization can minimize disruptions, control expenses, and limit negative impacts to your stakeholders. Join us for an insightful discussion about what to know, what to do, and what to consider when creating your vendor exit strategies and plans.
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is the CEO of Shared Assessments, a global membership organization that supports hundreds of companies, risk programs, and thousands of associated third-party and other risk professionals. As a risk practitioner and executive, he has driven a culture of accountability and diligence in safeguarding information and other assets for organizations and their third parties. He has more than 25 years of experience in risk management and information security.

    Prior to joining Shared Assessments in 2022, Andrew served as Senior Vice President, Vendor Risk Management at Blackstone for four years, where he led a team of risk professionals responsible for overseeing all phases of the vendor lifecycle at the firm. Prior to Blackstone, he worked at BlackRock from 2010-18, where he first joined and then eventually led the firm’s Vendor Risk Management team. Before that, Andrew worked at Citigroup nine years, finishing as a Senior Vice President and Business Information Security Officer in Global Fixed Income, leading onsite third-party risk assessments across the United States, Europe, and Asia.

    View full bio
  • Hilary Jewhurst
    Head of Third-Party Risk Education & Advocacy, Venminder
    Hilary leads the advancement and promotion of third-party risk management best practices and solutions through thought leadership, subject matter expertise, and support for Venminder’s customers, Marketing, Sales, and Third-Party Risk divisions. Hilary has served as a senior leader for over 20 years, working in operations management, and risk management roles, with an emphasis on third-party risk. Hilary successfully built, improved, and managed enterprise-wide third-party risk management frameworks and programs for leading financial services companies. She has designed and developed training materials, reference guides, desk-top procedures, job aids, checklists, and templates for a full spectrum of learning environments and learners as well as personally trained hundreds of third-party risk managers, vendor relationship managers, and vendors.
    View full bio
Become a Member to Watch

Quick SIG Demo

This is a quick introduction to the Standardized Information Gathering (SIG) Questionnaire. In less than 15 minutes, this recording presents how to:
  • Scope questionnaires using the SIG
  • Use the customizable Content Library
  • Automatically review and grade completed SIG questionnaire responses
  • Benefit from administrative functionalities to manage the data within SIGs
  • Note: CPE credits are not available for this session.
    Register to Watch

    July Member Forum Call – Dive Deeper: Business Continuity & Disaster Recovery – Overcoming Challenges within TPRM

    Business Continuity & Disaster Recovery programs are essential for business operations, and especially important for those relying on third-party providers. Internal and external factors can hinder TPRM practitioners' abilities to assess the robustness of a vendor's BCDR program. Join this Member Forum Call for a discussion of best practices for overcoming common challenges related to BCDR, topics include:
      • Understanding the full risk profile of the vendor

      • Determining appropriateness & completeness of submitted BCDR evidence

      • Evaluating the effectiveness of your 3rd parties' risk management programs

      • Assessing the effectiveness of your 3rd parties' structure

    Speakers:
    • John D. Beattie, FBCI
      Principal Consultant, 11:11 Systems
      John Beattie has been a Principal Consultant within 11:11 Systems for more than 15 years where he has consulted with organizations looking to reduce operational risk by maturing their business continuity, disaster and data recovery, and crisis management programs. He currently leads 11:11 Systems’ cyber-compromised data recovery consulting team. Prior to joining 11:11 Systems, John was the Global Director of Business Continuity for News Corporation and an IT management consultant at Ernst & Young for more than 15 years. John has attained FBCI certification from the Business Continuity Institute and he is a Certified Third-Party Risk Professional.
      View full bio
    • Mark Orsi
      CEO, Global Resilience Federation
      Mark Orsi is the Chief Executive Officer of Global Resilience Federation (https://www.grf.org/), a non-profit with the mission to develop and support threat intelligence and information sharing communities including education, operations technology, financial services, retail and hospitality, legal and professional services, energy, health, and oil and natural gas. Mr. Orsi led strategic efforts for several prominent Fortune 100 companies, working directly with CIOs and CISOs to develop, deploy, and improve security controls protecting the confidentiality, integrity, and availability of sensitive information. Mark joined the company from JPMorgan Chase where he served as executive director and product owner for cybersecurity and technology controls. Prior to JPMorgan, Mr. Orsi served KPMG as director of cybersecurity, and Goldman Sachs as vice president of technology risk. Mark holds an MBA from Columbia Business School, an MS in computer science from Johns Hopkins University, and a BS in Aerospace Engineering from the University of Maryland.
      View full bio
    • Elizabeth Dunsmoor
      TPRM Principal , Shared Assessments
    Become a Member to Watch

    Webinar – Out of the DARk: Shining Light on the Ransomware Threat

    In today’s digital age, cyber threats are a rising concern to organizations, ransomware being one of the most insidious of those threats. Join subject matter experts from Shared Assessments and Digital Asset Redemption, a compliance-focused service provider to companies involved in cybersecurity incident response, for a discussion on the current ransomware threat landscape, and ways to protect, defend, and respond to those threats. About Digital Asset Redemption: DAR aims to be the light that shines through the shadows of blackmail, spanning the shortest distance between cyber incident and response. We champion a suite of personalized, protective, precise Payment Solutions to provide a clear, confident response in times of duress.
    Register to Watch

    Simplify Reporting Against the 5 Most Impactful Third-Party Risk Management Regulations

    This session explores how to simplify meeting reporting obligations for the most impactful third-party risk management regulations and requirements including GDPR, CCPA, HIPAA, and SOX. The right risk strategies empower organizations with frameworks to manage risk appropriately. Panelists will examine the complexities of third-party risk reporting and provide insight into practical tools and techniques (such as the Shared Assessments SIG) to improve reporting processes and outcomes.
    Speakers:
    • Alastair Parr
      Senior Vice President, Global Products & Risk, Prevalent
      Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years of experience in product management, consultancy, and operations deliverables.
      View full bio
    • Ron Parham
      Vice President of Risk Regulations & Compliance, Shared Assessments
      Ronald Parham is the Vice President of Risk Regulations & Compliance at Shared Assessments where he manages regulatory mapping where he provides members with materials to assist them and their third-party partners in navigating the risk and regulatory landscape.
      View full bio
    Register to Watch

    June Member Forum Call – Ransomware Best Practices for Third Party Risk Professionals Webinar

    In this session, we provide an enterprise-wide, TPRM-focused approach to ransomware. Discussion includes meaningful process and program guidance improvements and practical tools for organizations of all sizes, whether operating locally or globally. *While Member Forum Calls are typically closed only to members, this one will be open to all. You may register regardless of your membership status.*
    Speakers:
    • Marya Roddis
      Senior Technical Editor & Founder, Technical Consulting Firm, S.U.N.
      Marya Roddis is a senior technical and grant writer providing high quality business, communications, management, design and education support services to public and private, for-profit and non-profit organizations and agencies. She is the former VP of Technical Writing for Shared Assessments and has served in administrative, technical, and teaching capacities in varied settings including University of Alaska Institute of Northern Forestry and the Medical Identity Fraud Alliance.
      View full bio
    • Bob Jones
      Senior Advisor, Shared Assessments
      Bob is deeply committed to contributing to the well-being of the financial services community. A well-known and sought-after expert in risk management strategy, he has 50 years of experience leading fraud risk management and risk management strategy. In addition to bringing unique experience as a consultant, educator and expert witness to Shared Assessments, he also serves as the principal of RW Jones Associates, LLC and is Adjunct Professor Emeritus of Economic crime at Utica College, where he taught in the school’s M.B.A. in Economic Crime and Fraud Management program. His articles have appeared in the RMA Journal and the Journal of Economic Crime Management.
      View full bio
    • Martin Freeman
      Cyber Security and Compliance Managing Director, Calastone
      Martin is a dedicated Information Security Professional with 20 years’ experience and is passionate about his subject matter. He specializes in implementing Cyber Security / Information Security frameworks and has previously worked in both the Fast-Moving Consumer Goods and Fintech industries.
      View full bio
    Become a Member to Watch

    5 Best Practices for Streamlining Your Third-Party Risk Management Workflows

    Time is a valuable resource, especially when trying to manage a third-party risk program at scale. With countless third parties to manage, hundreds of assessments to send, and even more risks to analyze, how do you keep up?

    Streamlined workflows throughout the third-party risk management (TPRM) lifecycle, from onboarding to offboarding, can create a sense of order and accountability. This session will explore best practices relating to:

    • • Workflow development and accounting for abnormal situations ​
    • • Defining stakeholder roles and ensuring accountability ​
    • • Methods for improving collaboration and communication ​
    • • Metrics to track to identify workflow bottlenecks
    Speakers:
    • Shea Hanson
      Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
      Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
      View full bio
    • Colleen Milazzo
      Senior Vice President, TPR Software Products, Shared Assessments
      Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
      View full bio
    Register to Watch
    1 4 5 6 7 8 15