On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

RECEIVE CPES Contact Us

All On-demand Events

Webinar

5 Best Practices for Streamlining Your Third-Party Risk Management Workflows

Time is a valuable resource, especially when trying to manage a third-party risk program at scale. With countless third parties to manage, hundreds of assessments to send, and even more risks to analyze, how do you keep up?

Streamlined workflows throughout the third-party risk management (TPRM) lifecycle, from onboarding to offboarding, can create a sense of order and accountability. This session will explore best practices relating to:

  • • Workflow development and accounting for abnormal situations ​
  • • Defining stakeholder roles and ensuring accountability ​
  • • Methods for improving collaboration and communication ​
  • • Metrics to track to identify workflow bottlenecks
Speakers:
  • Shea Hanson
    Strategic Solutions Engineer. GRCP, CTPRP, OneTrust
    Shea Hanson serves as a Strategic Solutions Engineer at OneTrust, the Trust Intelligence Platform, unlocking every company’s value and potential to thrive by doing what’s good for people and the planet. OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their operations and culture. In her role, Shea supports the OneTrust GRC & Security Cloud where she advises companies on how to analyze risk, scale compliance, and reinforce governance to uphold trusted business operations. Shea is a certified GRC professional (GRCP) designated by OCEG as well as a certified Third-Party Risk Professional (CTPRP) by Shared Assessments.
    View full bio
  • Colleen Milazzo
    Senior Vice President, TPR Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Journey to Standardization

Shared Assessments will provide guidance to program managers and risk professionals for optimizing the efficiency and maturation of strategic supplier management programs. Examining how standards and regulations can align, we will cover how to drive the integrated acceptance of standard risk frameworks and diligence practices. This session will illuminate how to establish a common set of third-party diligence and management frameworks with a focus on Cyber, ESG, and Privacy Standards.
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
    View full bio
Register to Watch

Member Forums

May Member Forum Call: Benchmarking Maturity

Submit your questions regarding benchmarking your TPRM program maturity. Questions will be answered live during the Member Forum Call. Submit questions here.
Speakers:
  • Jennifer Hancock
    President, Hancock Consulting LLC
    Jennifer Hancock is a third-party risk management professional with more than 20 years of experience in third-party risk management. As owner of Hancock Consulting LLC, a consultancy she founded to provide specialized advisory services, Ms. Hancock has been able to help organizations develop effective third-party risk management strategies and improve their overall resilience. Her expertise has been sought after by a wide range of clients across industries, and she is dedicated to helping organizations of all sizes manage their third-party risks effectively As a thought leader in the field of third-party risk management, Ms. Hancock has been a featured speaker at numerous industry events and conferences. She is both a Certified Third-Party Risk Professional and Certified Third-Party Risk Assessor (CTPRA).
    View full bio
  • Gary Roboff
    Senior Advisor, Shared Assessments
    Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Become a Member to Watch

Webinar

Debunking Vendor Cybersecurity Myths

From speculating that vendors have terrifying security posture to guessing that vendors have water-tight security practices, organizations make assumptions around cybersecurity too often. What does the cybersecurity standing between business and their vendors actually look like? In a new study, RiskRecon by Mastercard and Cyentia Institute examine security assessments across more than 50,000 B2B relationships. Through this data, this session will illustrate:
  • • The likelihood of your firm or a firm you are working being involved in a breach event
  • • How firms can be exposed to a variety of new security risks via third parties
  • • The impact of poor assessment practices on your cybersecurity standing
Speakers:
  • David F. Severski
    Senior Security Data Scientist, Cyentia
    David F. Severski is an information security data scientist, specializing in quantified risk management. He has provided risk management expertise across diverse industries—retail, aerospace, finance, energy, and healthcare. Severski brings both broad and deep expertise in a number of technical areas with a special focus on cloud technologies and DevOps practices. He strives to combine rigorous methods, technical expertise, and a human-centered approach to advance the state of evidence-based information security risk management.
    View full bio
  • Nasser Fattah
    Senior Consultant, Shared Assessments
    Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.
    View full bio
Register to Watch

Webinar

ESG SIG Product Launch Webinar

In this session, we will show the ESG SIG product alongside a discussion of use cases, key features and benefits. We will touch on the regulations, standards and frameworks mapped to by the ESG SIG and learn how this solution was made.
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Top 5 Tips to Scale Your Third-Party Security Risk Program

The “cloud-first” strategy at many companies today translates into an ever-increasing number of third-parties, and even greater number of risks. While cybersecurity technology is better than ever, in a world where so much of every business operation is outsourced, your third-parties’ attack surface is your attack surface -- and your existing cyber stack may not help you. This webinar will explore the top 5 tips to effectively scale a third-party cyber risk management program in order to manage the mounting number of third-parties
Speakers:
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Dov Goldman
    Director of Risk and Compliance, Panorays
    Dov has years of experience in the third-party risk and compliance field, as well as a long history as a serial entrepreneur, software and network engineer. Dov focuses on the evolving best practices and industry standards in third-party management and regulatory compliance. Previously, Dov was VP of innovation at Opus, director of product marketing at Navigant, and founder and CEO of Cognet Corp and Dynalog Technologies. Dov has spoken at industry events around the world and has been quoted in numerous industry press articles, as well as The Wall Street Journal, about information security and privacy.
    View full bio
Register to Watch

Member Forums

Shared Assessments Update

In this member forum call, we'll look back at 2022, and into what 2023 holds for Shared Assessments members and committees. We'll cover 2022 highlights, and move onto 2023 goals, plans, targets, and newly proposed risk domains.
Speakers:
  • Andrew Moyad
    CEO, Shared Assessments
    Andrew is an accomplished leader and trailblazer in third party risk management. As a practitioner and a senior risk management executive, he has driven a culture of accountability and diligence in safeguarding information. Andrew has more than 25 years in risk management and information security. He has contributed greatly to the transformation and advancement of risk management as a strategic function that intersects with and helps guide all aspects of organizations.
    View full bio
Become a Member to Watch

Webinar

Diverging Paths in ESG Regulation?

We’ll discuss:

  • • Why ESG matters to third party (and Nth party) risk management
  • • EU and German Supply Chain Due Diligence Regulations (environment and human rights) and what sets them apart from other ESG regulations
  • • Newly approved EU Corporate Sustainability Reporting Regulation and SEC Climate Reporting proposal
  • • ESG and the U.S. 2024 election’s impact on regulations
  • • ESG Standards consolidation – ISSB
  • • Proposed New York State Department of Financial Service Guidance for New York State Regulated Banking and Mortgage Institutions Relating to Management of Material Financial Risks from Climate Change and existing Insurance industry guidance
  • • Bank of England observations on climate related risks

And more!

Speakers:
  • Gary Roboff
    Senior Advisor, Shared Assessments
    Gary Roboff is a Senior Advisor to Shared Assessments where he focuses on payments, risk management, mobile financial services, and information management. Gary has almost four decades of experience in financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third party risk management, privacy, and information utilization, as well as business frameworks and standards for electronic commerce applications.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
Register to Watch

Webinar

Determining the Risk of Critical Third Parties

Leveraging third parties can lead to significant efficiencies, but it is not without risk. This session will explore criteria used to establish inherent risk and provide approaches for assessing a critical third-party relationship.

Panelists will share the results of a recent Shared Assessments Critical Third-Party Survey covering TPRM processes including: Risk Tiering Techniques; Inherent Risk Criteria; Critical Third Party Criteria; Number of Critical Third Parties and Assessment Timeframe Approvals. Additionally, panelists will highlight work being done by Shared Assessments members on an Inherent Risk Product.

Note: You can review our Corporate Due Diligence blog and download our responses to regulation enhancements requested by:

  • • Prudential Regulatory Authority - Operational Resilience: Critical Third Parties to the UK Financial Sector;
  • • NYS- Department of Financial Services - Cybersecurity Requirements;
  • • Security Exchange Commission - Rule on Outsourcing by Investment Advisors
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Colleen Milazzo
    SVP of Third Party Risk Software Products, Shared Assessments
    Colleen leads the TPRM software team in the development of software products/tools for third party-risk assurance. Colleen has over 20 years of experience within the financial services industry and consulting. She has led programs associated with risk management, procurement/contract negotiation, mergers and acquisitions, and business process reengineering. She has regulatory and global experience executing portfolios to meet the corporate strategy.
    View full bio
  • Hannah Ford
    Risk Manager - Supply & Third Party Risk Intelligence, Supply Wisdom
    Hannah is a Certified Third Party Risk Professional with over a decade of experience in the field of risk analysis, management, and mitigation. As a manager on the Supply Wisdom Risk & Resilience team, she uses her experience as a practitioner and manager of risk assessment and mitigation processes to help her team optimize the future of active, continuous risk management.
    View full bio
Register to Watch

Member Forums

How to Operationalize the California Privacy Rights Acts Requirements

The California Privacy Rights Acts, (CPRA) which expands on the California Consumer Privacy Act (CCPA), went into effect on January 1 2023. This session will examine the top operational impacts and provide strategies on how to prioritize and address in concert with requirements from other key privacy regulation such as GDPR. This includes the new provisions for data security, data minimization and data retention as well as expanded rights for California residents.
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third-party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and loT research studies.
    View full bio
  • Evelyn deSouza
    Trust, Privacy and Compliance Leader, Oracle Fusion Cloud Applications
    Evelyn de Souza is head of privacy operations for the Oracle Cloud Applications LOB. She is focused on building in privacy versus bolting privacy on after the fact and harmonizing regulations to alleviate audit fatigue. She is a passionate speaker on data privacy who seeks to be an advocate for community banks and non profits in the wake of emerging privacy regulation. She has previously served as the Co-Chair of the Cloud Security Alliance Cloud Controls Matrix and the chair of the Data Governance Group and then more broadly as an advisor to the Cloud Security Alliance. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and Silicon Business Valley Journal's Woman of Influence in 2015 for her innovations in data security. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable". When not working, Evelyn is an accomplished classical pianist who enjoys performing in her community.
    View full bio
Become a Member to Watch
1 6 7 8 9

About Us

Our Policies

Keep In Touch

Sign up to receive the latest information about upcoming events, releases, and offers for our risk management community.
© 2026 Shared Assessments LLC