Third-Party Risk Summit
Join us as we celebrate the 20th Anniversary of Shared Assessments and the 18th Annual Third-Party Risk Summit—the premier global event for advancing third-party risk management across industries. This milestone for our organization and Summit shines a spotlight on cutting-edge processes, emerging technologies, and strategies driving efficiencies throughout the risk universe and beyond.
For two decades, the Shared Assessments Annual Third-Party Risk Summit has been the ultimate gathering of industry thought leaders and risk management experts. This year, we’re raising the bar by exploring future trends, sharing actionable insights, and celebrating 20 years of education, innovation, and excellence.
Attendees will gain unparalleled opportunities to network with peers, benchmark program maturity, and discover how to harness best practices and transformative technologies to elevate their risk management strategies. Don’t miss this special celebration of leadership and innovation in the risk management community, taking us light years into the next galaxy!
This event offers 13 Continuing Professional Education Credits (CPEs) for attending both Day 1 and Day 2.
Interested in Sponsorship Opportunities for Summit?
Pre-Summit Education
Certified Third Party Risk Professional (CTPRP)
Certified Third Party Risk Assessor (CTPRA)
Join us in person for a CTPRP or a CTPRA course hosted on March 25th, 2025, prior to our Third Party Risk USA Summit. These designations from the Shared Assessments Program validate expertise, and provide professional credibility, recognition, and marketability in third-party risk.
To learn more about the class, the exam, and maintaining your certification, see the FAQs at the bottom of the CTPRP or CTPRA page on our website.
Cost: Members: $1,345 | Non-Members: $1,645
Event Location: The Westin Fort Lauderdale Beach Resort | Fort Lauderdale, FL
Date: March 25th, 2025 | 8:00am – 6:00pm ET
CPEs: Completion of this course will earn 12 CPEs.
Interested in Speaking at Summit?
Hotel
We are back! Join us where the warm waters of the Atlantic meet the sparkling sand, and create lasting risk management memories at The Westin Fort Lauderdale Beach Resort. This hotel is a true oceanfront oasis, designed to enhance your wellbeing. Say yes to the outdoor heated pool and the beach access skywalk!
Sponsors
Platinum Sponsors
Gold Sponsors
Exhibitors
Schedule
The schedule is under development and subject to change – be sure to check back for updates:
- Wednesday, March 26
- Thursday, March 27
Time
Session
Speakers
Description
7:30am ET
Registration Opens
7:30am - 8:55am ET
Breakfast Buffet
Breakfast will be served in the Los Olas Foyer from 7:30 to 8:55 am ET before the Opening Keynote
9:00am ET
Welcome & Opening Keynote
Andrew Moyad, CEO, Shared Assessments
Captain’s Log: Charting the Future of TPRM Beyond Our First 20 Years
9:15am ET
Panel: Securing the Cloud Frontier: Protecting Third-Party Ecosystems in 2025
Erin Joe, Senior Executive, Cybersecurity and Shared Assessments Advisory Board Member
Joe Lyons, VP Cyber Security, BitSight
Lena Licata, VP, Governance, Risk & Compliance, Blackstone
Moderator: Chris Johnson, Senior Advisor, Shared Assessments
Joe Lyons, VP Cyber Security, BitSight
Lena Licata, VP, Governance, Risk & Compliance, Blackstone
Moderator: Chris Johnson, Senior Advisor, Shared Assessments
As organizations increasingly rely on cloud solutions for critical operations, the need for robust cloud security within third-party ecosystems has never been more urgent. This panel will explore the evolving landscape of cloud security and its integration with third-party risk management practices, providing actionable guidance for risk managers navigating these challenges in 2025.
10:05am ET
Exhibitor Networking Break
10:35am ET
Panel: Evolving Regulatory Compliance Post-DORA and NIS2
Eyvonne R. Mallett, Of Counsel, Loeb & Loeb LLC
John Ingold, Head of Supplier Management, T. Rowe Price
Mark Orsi, CEO, Global Resilience Federation
Moderator: Patricia Murphy, Managing Director, Alvarez and Masal
John Ingold, Head of Supplier Management, T. Rowe Price
Mark Orsi, CEO, Global Resilience Federation
Moderator: Patricia Murphy, Managing Director, Alvarez and Masal
As regulatory landscapes grow more complex, organizations must develop strategies that ensure both operational and regulatory resilience. This panel will explore how evolving frameworks like DORA, NIS2, and AI regulations are reshaping third-party risk management practices. Experts will discuss actionable approaches to: -Harmonize compliance efforts across jurisdictions. -Strengthen operational resilience by aligning risk management frameworks with regulatory demands. -Proactively address the intersection of ESG and TPRM requirements.
11:10am ET
Sponsored Keynote: Agentic AI and Third-Party Risk: Rethinking Vendor Assessments for the Future
Chris Patterson, Director, Strategy, One Trust Third Party Risk Management
The last 24 months have seen a paradigm shift in the global technology landscape as cheaper, faster and more scalable LLMs and AI models have accelerated the availability of AI-enabled solutions. While AI governance and managing risk around third-party AI have become top priorities for risk and compliance teams, there has been less attention paid to how these technologies can potentially disrupt the fundamentals of third-party risk management. This keynote will help organizations understand the realities of agentic AI, paint a vision for the future of TPRM in an agentic landscape, and provide a pathway to navigate disruptions and harness the power of AI, responsibly.
11:40am
Networking Lunch
The Risk Launchpad: Your Hub for Expert Insights and Practical Solutions
The Risk Launchpad: Your Hub for Expert Insights and Practical Solutions
Need quick guidance on a pressing third-party risk management challenge? Looking for expert advice in a private, supportive setting? Welcome to The Risk Launchpad, where your toughest questions meet tailored solutions. This drop-in space is designed for attendees who:
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
1:00pm ET
Afternoon Tracks 1
Thought Leadership Panel: To Boldly Automate: Harnessing Automation for Efficient TPRM
Thought Leadership Panel: To Boldly Automate: Harnessing Automation for Efficient TPRM
Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
Clarence Chio, Co-Founder & CEO, Coverbase
Gatha Sadhir, EVP, Global Technology, Jazwares
Dennis Frio, Managing Director, Cyber, Risk & Regulatory, PwC US
Moderator: Chris Johnson, Senior Advisor, Shared Assessments
Clarence Chio, Co-Founder & CEO, Coverbase
Gatha Sadhir, EVP, Global Technology, Jazwares
Dennis Frio, Managing Director, Cyber, Risk & Regulatory, PwC US
Moderator: Chris Johnson, Senior Advisor, Shared Assessments
Automation in TPRM is the future. This panel will explore how cutting edge AI tools can automate vendor onboarding, risk assessments, and continuous monitoring, providing organizations with timely and accurate risk data.
1:00pm ET
Afternoon Tracks 1
Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners
Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners
Deb Zoppy, Head of TPRM & Business Resiliency Oversight, Guardian
Bob Maley, CSO, Black Kite
Falicia Foster-Cruz, Manager – Third Party Risk Management, Iron Mountain
Moderator: Sheria Williams, TPRM Principal, Products and Support
Bob Maley, CSO, Black Kite
Falicia Foster-Cruz, Manager – Third Party Risk Management, Iron Mountain
Moderator: Sheria Williams, TPRM Principal, Products and Support
Continuous monitoring is the cornerstone of proactive third-party risk management but creating a sustainable and comprehensive monitoring ecosystem requires more than just tools. This session offers a hands-on exploration of the strategies, frameworks, and methodologies that practitioners need to integrate diverse data sources—including financial assessments, ESG ratings, and real-time alerts—into their monitoring practices. Designed for TPRM professionals looking to elevate their strategies, this session ensures you leave with the insights and techniques necessary to build a resilient monitoring ecosystem that adapts to today’s complex risk landscape.
1:50pm ET
Transition/Break
2:00pm ET
Afternoon Tracks 2
Thought Leadership Track: Future-Proofing Critical Third Parties
Thought Leadership Track: Future-Proofing Critical Third Parties
Elizabeth Dunsmoor, TPRM Principal, Shared Assessments
Eric Evans, Managing Director, Partnerships and Alliances, Rapid Ratings
Jenna Wells, Chief Customer and Product Officer, Supply Wisdom
Moderator: Nasser Fattah, Senior Advisor, Shared Assessments
Eric Evans, Managing Director, Partnerships and Alliances, Rapid Ratings
Jenna Wells, Chief Customer and Product Officer, Supply Wisdom
Moderator: Nasser Fattah, Senior Advisor, Shared Assessments
This panel will explore how to assess CTP dependencies, implement robust risk mitigation strategies, and align with evolving regulations to safeguard operational stability. Panelists will share insights on continuous monitoring, contingency planning, and regulatory expectations, helping organizations build stronger, future-ready third-party ecosystems.
2:00pm ET
Afternoon Tracks 2
Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique Relationships
Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique Relationships
Becky Brown, Program Manager for Third Party Risk Management, SEI Investments
Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group
Jan Lucero, Senior Director, Third Party Risk Management, Transamerica
Dan Even, Senior Manager - Third Party Risk Management (TPRM), Mayo Clinic
Moderator: Rhonda K.R. Cook, Senior Advisor, Shared Assessments
Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group
Jan Lucero, Senior Director, Third Party Risk Management, Transamerica
Dan Even, Senior Manager - Third Party Risk Management (TPRM), Mayo Clinic
Moderator: Rhonda K.R. Cook, Senior Advisor, Shared Assessments
Not all third-party relationships fit neatly into traditional risk management frameworks. From facilities management to sub-advisors and beyond, non-traditional vendors require tailored approaches that go beyond the standard assessment process. This session explores innovative strategies to categorize and manage these unique relationships while ensuring compliance and mitigating risk. Designed for practitioners seeking actionable solutions, this discussion will equip you with the tools to build more inclusive and efficient TPRM strategies for the full spectrum of vendor relationships.
2:50pm ET
Transition/Break
3:00pm ET
Afternoon Tracks 3
Thought Leadership Panel: Navigating the Regulatory Constellation: Cross Jurisdictional Compliance
Thought Leadership Panel: Navigating the Regulatory Constellation: Cross Jurisdictional Compliance
Caitlin M. Clarke, Senior Director of Cybersecurity Services, Venable LLP
Moderator: Gary Roboff, Senior Advisor, Shared Assessments
Moderator: Gary Roboff, Senior Advisor, Shared Assessments
This session will explore strategies for navigating the complexities of cross-jurisdictional compliance, including insights on DORA, NIS2 and GDPR related mandates. Industry experts will share real-world approaches to harmonizing regulatory requirements across regions, avoiding common pitfalls, and ensuring that your risk management strategies stay aligned as new stars appear in the regulatory sky.
3:00pm ET
Afternoon Tracks 3
Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and Automation
Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and Automation
Julie Gaiaschi, CEO & Co-Founder, Third Party Risk Association
Tammy Knies, CPO, Eastern Bank
Shamul Ehteshamul Haque, Outside General Counsel, Shared Assessments
Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared Assessments
Tammy Knies, CPO, Eastern Bank
Shamul Ehteshamul Haque, Outside General Counsel, Shared Assessments
Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared Assessments
A detailed discussion on how to build flexible, risk-sensitive contracts with third parties that can accommodate emerging risks, such as AI governance and cybersecurity threats.
3:50pm - 4:20pm ET
Exhibitor Networking Break
4:20pm - 4:50pm ET
Achievement Award Presentation and Acceptance
Andrew Moyad, CEO, Shared Assessments
4:50pm - 5:20pm ET
Fireside Chat
Heidi Grant, Former Director of the Defense Security Cooperation Agency
Paul Kurtz, CTO, Splunk
Paul Kurtz, CTO, Splunk
5:20pm ET
Closing Remarks
Brian Shaw, VP Head of North America, Certa
5:30pm ET
Networking Reception
Wednesday, March 26
Time
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am ET
SESSION
Registration Opens 7:30am - 8:55am ET
SESSION
Breakfast BuffetDESCRIPTION
Breakfast will be served in the Los Olas Foyer from 7:30 to 8:55 am ET before the Opening Keynote
9:00am ET
SESSION
Welcome & Opening KeynoteSPEAKERS
Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
Captain’s Log: Charting the Future of TPRM Beyond Our First 20 Years
9:15am ET
SESSION
Panel: Securing the Cloud Frontier: Protecting Third-Party Ecosystems in 2025 SPEAKERS
Erin Joe, Senior Executive, Cybersecurity and Shared Assessments Advisory Board Member
Joe Lyons, VP Cyber Security, BitSight
Lena Licata, VP, Governance, Risk & Compliance, Blackstone
Moderator: Chris Johnson, Senior Advisor, Shared AssessmentsDESCRIPTION
As organizations increasingly rely on cloud solutions for critical operations, the need for robust cloud security within third-party ecosystems has never been more urgent. This panel will explore the evolving landscape of cloud security and its integration with third-party risk management practices, providing actionable guidance for risk managers navigating these challenges in 2025.
10:05am ET
SESSION
Exhibitor Networking Break 10:35am ET
SESSION
Panel: Evolving Regulatory Compliance Post-DORA and NIS2SPEAKERS
Eyvonne R. Mallett, Of Counsel, Loeb & Loeb LLC
John Ingold, Head of Supplier Management, T. Rowe Price
Mark Orsi, CEO, Global Resilience Federation
Moderator: Patricia Murphy, Managing Director, Alvarez and MasalDESCRIPTION
As regulatory landscapes grow more complex, organizations must develop strategies that ensure both operational and regulatory resilience. This panel will explore how evolving frameworks like DORA, NIS2, and AI regulations are reshaping third-party risk management practices. Experts will discuss actionable approaches to: -Harmonize compliance efforts across jurisdictions. -Strengthen operational resilience by aligning risk management frameworks with regulatory demands. -Proactively address the intersection of ESG and TPRM requirements.
11:10am ET
SESSION
Sponsored Keynote: Agentic AI and Third-Party Risk: Rethinking Vendor Assessments for the FutureSPEAKERS
Chris Patterson, Director, Strategy, One Trust Third Party Risk Management DESCRIPTION
The last 24 months have seen a paradigm shift in the global technology landscape as cheaper, faster and more scalable LLMs and AI models have accelerated the availability of AI-enabled solutions. While AI governance and managing risk around third-party AI have become top priorities for risk and compliance teams, there has been less attention paid to how these technologies can potentially disrupt the fundamentals of third-party risk management. This keynote will help organizations understand the realities of agentic AI, paint a vision for the future of TPRM in an agentic landscape, and provide a pathway to navigate disruptions and harness the power of AI, responsibly.
11:40am
SESSION
Networking Lunch
The Risk Launchpad: Your Hub for Expert Insights and Practical SolutionsDESCRIPTION
Need quick guidance on a pressing third-party risk management challenge? Looking for expert advice in a private, supportive setting? Welcome to The Risk Launchpad, where your toughest questions meet tailored solutions. This drop-in space is designed for attendees who:
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
1:00pm ET
SESSION
Afternoon Tracks 1
Thought Leadership Panel: To Boldly Automate: Harnessing Automation for Efficient TPRM SPEAKERS
Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
Clarence Chio, Co-Founder & CEO, Coverbase
Gatha Sadhir, EVP, Global Technology, Jazwares
Dennis Frio, Managing Director, Cyber, Risk & Regulatory, PwC US
Moderator: Chris Johnson, Senior Advisor, Shared Assessments DESCRIPTION
Automation in TPRM is the future. This panel will explore how cutting edge AI tools can automate vendor onboarding, risk assessments, and continuous monitoring, providing organizations with timely and accurate risk data.
1:00pm ET
SESSION
Afternoon Tracks 1
Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners SPEAKERS
Deb Zoppy, Head of TPRM & Business Resiliency Oversight, Guardian
Bob Maley, CSO, Black Kite
Falicia Foster-Cruz, Manager – Third Party Risk Management, Iron Mountain
Moderator: Sheria Williams, TPRM Principal, Products and SupportDESCRIPTION
Continuous monitoring is the cornerstone of proactive third-party risk management but creating a sustainable and comprehensive monitoring ecosystem requires more than just tools. This session offers a hands-on exploration of the strategies, frameworks, and methodologies that practitioners need to integrate diverse data sources—including financial assessments, ESG ratings, and real-time alerts—into their monitoring practices. Designed for TPRM professionals looking to elevate their strategies, this session ensures you leave with the insights and techniques necessary to build a resilient monitoring ecosystem that adapts to today’s complex risk landscape.
1:50pm ET
SESSION
Transition/Break 2:00pm ET
SESSION
Afternoon Tracks 2
Thought Leadership Track: Future-Proofing Critical Third Parties
SPEAKERS
Elizabeth Dunsmoor, TPRM Principal, Shared Assessments
Eric Evans, Managing Director, Partnerships and Alliances, Rapid Ratings
Jenna Wells, Chief Customer and Product Officer, Supply Wisdom
Moderator: Nasser Fattah, Senior Advisor, Shared AssessmentsDESCRIPTION
This panel will explore how to assess CTP dependencies, implement robust risk mitigation strategies, and align with evolving regulations to safeguard operational stability. Panelists will share insights on continuous monitoring, contingency planning, and regulatory expectations, helping organizations build stronger, future-ready third-party ecosystems.
2:00pm ET
SESSION
Afternoon Tracks 2
Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique RelationshipsSPEAKERS
Becky Brown, Program Manager for Third Party Risk Management, SEI Investments
Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group
Jan Lucero, Senior Director, Third Party Risk Management, Transamerica
Dan Even, Senior Manager - Third Party Risk Management (TPRM), Mayo Clinic
Moderator: Rhonda K.R. Cook, Senior Advisor, Shared AssessmentsDESCRIPTION
Not all third-party relationships fit neatly into traditional risk management frameworks. From facilities management to sub-advisors and beyond, non-traditional vendors require tailored approaches that go beyond the standard assessment process. This session explores innovative strategies to categorize and manage these unique relationships while ensuring compliance and mitigating risk. Designed for practitioners seeking actionable solutions, this discussion will equip you with the tools to build more inclusive and efficient TPRM strategies for the full spectrum of vendor relationships.
2:50pm ET
SESSION
Transition/Break 3:00pm ET
SESSION
Afternoon Tracks 3
Thought Leadership Panel: Navigating the Regulatory Constellation: Cross Jurisdictional Compliance
SPEAKERS
Caitlin M. Clarke, Senior Director of Cybersecurity Services, Venable LLP
Moderator: Gary Roboff, Senior Advisor, Shared AssessmentsDESCRIPTION
This session will explore strategies for navigating the complexities of cross-jurisdictional compliance, including insights on DORA, NIS2 and GDPR related mandates. Industry experts will share real-world approaches to harmonizing regulatory requirements across regions, avoiding common pitfalls, and ensuring that your risk management strategies stay aligned as new stars appear in the regulatory sky.
3:00pm ET
SESSION
Afternoon Tracks 3
Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and AutomationSPEAKERS
Julie Gaiaschi, CEO & Co-Founder, Third Party Risk Association
Tammy Knies, CPO, Eastern Bank
Shamul Ehteshamul Haque, Outside General Counsel, Shared Assessments
Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared AssessmentsDESCRIPTION
A detailed discussion on how to build flexible, risk-sensitive contracts with third parties that can accommodate emerging risks, such as AI governance and cybersecurity threats.
3:50pm - 4:20pm ET
SESSION
Exhibitor Networking Break 4:20pm - 4:50pm ET
SESSION
Achievement Award Presentation and AcceptanceSPEAKERS
Andrew Moyad, CEO, Shared Assessments 4:50pm - 5:20pm ET
SESSION
Fireside ChatSPEAKERS
Heidi Grant, Former Director of the Defense Security Cooperation Agency
Paul Kurtz, CTO, Splunk 5:20pm ET
SESSION
Closing RemarksSPEAKERS
Brian Shaw, VP Head of North America, Certa 5:30pm ET
SESSION
Networking Reception
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am ET
SESSION
Registration Opens 7:30am - 8:55am ET
SESSION
Breakfast BuffetDESCRIPTION
Breakfast will be served in the Los Olas Foyer from 7:30 to 8:55 am ET before the Opening Keynote
9:00am ET
SESSION
Welcome & Opening KeynoteSPEAKERS
Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
Captain’s Log: Charting the Future of TPRM Beyond Our First 20 Years
9:15am ET
SESSION
Panel: Securing the Cloud Frontier: Protecting Third-Party Ecosystems in 2025 SPEAKERS
Erin Joe, Senior Executive, Cybersecurity and Shared Assessments Advisory Board Member
Joe Lyons, VP Cyber Security, BitSight
Lena Licata, VP, Governance, Risk & Compliance, Blackstone
Moderator: Chris Johnson, Senior Advisor, Shared AssessmentsDESCRIPTION
As organizations increasingly rely on cloud solutions for critical operations, the need for robust cloud security within third-party ecosystems has never been more urgent. This panel will explore the evolving landscape of cloud security and its integration with third-party risk management practices, providing actionable guidance for risk managers navigating these challenges in 2025.
10:05am ET
SESSION
Exhibitor Networking Break 10:35am ET
SESSION
Panel: Evolving Regulatory Compliance Post-DORA and NIS2SPEAKERS
Eyvonne R. Mallett, Of Counsel, Loeb & Loeb LLC
John Ingold, Head of Supplier Management, T. Rowe Price
Mark Orsi, CEO, Global Resilience Federation
Moderator: Patricia Murphy, Managing Director, Alvarez and MasalDESCRIPTION
As regulatory landscapes grow more complex, organizations must develop strategies that ensure both operational and regulatory resilience. This panel will explore how evolving frameworks like DORA, NIS2, and AI regulations are reshaping third-party risk management practices. Experts will discuss actionable approaches to: -Harmonize compliance efforts across jurisdictions. -Strengthen operational resilience by aligning risk management frameworks with regulatory demands. -Proactively address the intersection of ESG and TPRM requirements.
11:10am ET
SESSION
Sponsored Keynote: Agentic AI and Third-Party Risk: Rethinking Vendor Assessments for the FutureSPEAKERS
Chris Patterson, Director, Strategy, One Trust Third Party Risk Management DESCRIPTION
The last 24 months have seen a paradigm shift in the global technology landscape as cheaper, faster and more scalable LLMs and AI models have accelerated the availability of AI-enabled solutions. While AI governance and managing risk around third-party AI have become top priorities for risk and compliance teams, there has been less attention paid to how these technologies can potentially disrupt the fundamentals of third-party risk management. This keynote will help organizations understand the realities of agentic AI, paint a vision for the future of TPRM in an agentic landscape, and provide a pathway to navigate disruptions and harness the power of AI, responsibly.
11:40am
SESSION
Networking Lunch
The Risk Launchpad: Your Hub for Expert Insights and Practical SolutionsDESCRIPTION
Need quick guidance on a pressing third-party risk management challenge? Looking for expert advice in a private, supportive setting? Welcome to The Risk Launchpad, where your toughest questions meet tailored solutions. This drop-in space is designed for attendees who:
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
1:00pm ET
SESSION
Afternoon Tracks 1
Thought Leadership Panel: To Boldly Automate: Harnessing Automation for Efficient TPRM SPEAKERS
Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
Clarence Chio, Co-Founder & CEO, Coverbase
Gatha Sadhir, EVP, Global Technology, Jazwares
Dennis Frio, Managing Director, Cyber, Risk & Regulatory, PwC US
Moderator: Chris Johnson, Senior Advisor, Shared Assessments DESCRIPTION
Automation in TPRM is the future. This panel will explore how cutting edge AI tools can automate vendor onboarding, risk assessments, and continuous monitoring, providing organizations with timely and accurate risk data.
1:00pm ET
SESSION
Afternoon Tracks 1
Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners SPEAKERS
Deb Zoppy, Head of TPRM & Business Resiliency Oversight, Guardian
Bob Maley, CSO, Black Kite
Falicia Foster-Cruz, Manager – Third Party Risk Management, Iron Mountain
Moderator: Sheria Williams, TPRM Principal, Products and SupportDESCRIPTION
Continuous monitoring is the cornerstone of proactive third-party risk management but creating a sustainable and comprehensive monitoring ecosystem requires more than just tools. This session offers a hands-on exploration of the strategies, frameworks, and methodologies that practitioners need to integrate diverse data sources—including financial assessments, ESG ratings, and real-time alerts—into their monitoring practices. Designed for TPRM professionals looking to elevate their strategies, this session ensures you leave with the insights and techniques necessary to build a resilient monitoring ecosystem that adapts to today’s complex risk landscape.
1:50pm ET
SESSION
Transition/Break 2:00pm ET
SESSION
Afternoon Tracks 2
Thought Leadership Track: Future-Proofing Critical Third Parties
SPEAKERS
Elizabeth Dunsmoor, TPRM Principal, Shared Assessments
Eric Evans, Managing Director, Partnerships and Alliances, Rapid Ratings
Jenna Wells, Chief Customer and Product Officer, Supply Wisdom
Moderator: Nasser Fattah, Senior Advisor, Shared AssessmentsDESCRIPTION
This panel will explore how to assess CTP dependencies, implement robust risk mitigation strategies, and align with evolving regulations to safeguard operational stability. Panelists will share insights on continuous monitoring, contingency planning, and regulatory expectations, helping organizations build stronger, future-ready third-party ecosystems.
2:00pm ET
SESSION
Afternoon Tracks 2
Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique RelationshipsSPEAKERS
Becky Brown, Program Manager for Third Party Risk Management, SEI Investments
Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group
Jan Lucero, Senior Director, Third Party Risk Management, Transamerica
Dan Even, Senior Manager - Third Party Risk Management (TPRM), Mayo Clinic
Moderator: Rhonda K.R. Cook, Senior Advisor, Shared AssessmentsDESCRIPTION
Not all third-party relationships fit neatly into traditional risk management frameworks. From facilities management to sub-advisors and beyond, non-traditional vendors require tailored approaches that go beyond the standard assessment process. This session explores innovative strategies to categorize and manage these unique relationships while ensuring compliance and mitigating risk. Designed for practitioners seeking actionable solutions, this discussion will equip you with the tools to build more inclusive and efficient TPRM strategies for the full spectrum of vendor relationships.
2:50pm ET
SESSION
Transition/Break 3:00pm ET
SESSION
Afternoon Tracks 3
Thought Leadership Panel: Navigating the Regulatory Constellation: Cross Jurisdictional Compliance
SPEAKERS
Caitlin M. Clarke, Senior Director of Cybersecurity Services, Venable LLP
Moderator: Gary Roboff, Senior Advisor, Shared AssessmentsDESCRIPTION
This session will explore strategies for navigating the complexities of cross-jurisdictional compliance, including insights on DORA, NIS2 and GDPR related mandates. Industry experts will share real-world approaches to harmonizing regulatory requirements across regions, avoiding common pitfalls, and ensuring that your risk management strategies stay aligned as new stars appear in the regulatory sky.
3:00pm ET
SESSION
Afternoon Tracks 3
Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and AutomationSPEAKERS
Julie Gaiaschi, CEO & Co-Founder, Third Party Risk Association
Tammy Knies, CPO, Eastern Bank
Shamul Ehteshamul Haque, Outside General Counsel, Shared Assessments
Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared AssessmentsDESCRIPTION
A detailed discussion on how to build flexible, risk-sensitive contracts with third parties that can accommodate emerging risks, such as AI governance and cybersecurity threats.
3:50pm - 4:20pm ET
SESSION
Exhibitor Networking Break 4:20pm - 4:50pm ET
SESSION
Achievement Award Presentation and AcceptanceSPEAKERS
Andrew Moyad, CEO, Shared Assessments 4:50pm - 5:20pm ET
SESSION
Fireside ChatSPEAKERS
Heidi Grant, Former Director of the Defense Security Cooperation Agency
Paul Kurtz, CTO, Splunk 5:20pm ET
SESSION
Closing RemarksSPEAKERS
Brian Shaw, VP Head of North America, Certa 5:30pm ET
SESSION
Networking Reception
Thursday, March 27
Time
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am - 8:30am ET
SESSION
Breakfast Buffet 8:30am ET
SESSION
Opening Remarks & AwardsSPEAKERS
Andrew Moyad, CEO, Shared Assessments 8:45am ET
SESSION
Keynote
SPEAKERS
Heidi Grant, Former Director of the Defense Security Cooperation AgencyDESCRIPTION
Mitigating Geopolitcal Risks in Global Supply Chains
9:15am ET
SESSION
Panel: Expanding the Horizons of AI and Emerging Technologies in Risk ManagementSPEAKERS
Katie Boswell, Securing AI Lead, KPMG
Konstantinos Karagiannis, Director Quantum Computing Services, Protiviti, Inc.
Mark Wehrle, Director Cyber Risk & Awareness, The Campbell's Company
Jonathan Dambrot, CEO, Cranium
Moderator: Andrew Moyad, CEO, Shared Assessments DESCRIPTION
Discover how AI and cutting-edge technologies are reshaping the TPRM landscape. Panelists will discuss actionable strategies for integrating AI into risk assessment, addressing quantum computing challenges, and leveraging blockchain to enhance vendor management.
10:05am - 10:35am ET
SESSION
Exhibitor Networking Break 10:35am ET
SESSION
Breakout Sessions Round 1SPEAKERS
1. Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
2. Bob Maley, CSO, Black Kite
3. Brian Shaw, VP Head of North America, Cera
4. Joey Carter, Sales Engineer, BlueVoyant
DESCRIPTION
1. ProcessUnity: Get Off the Assessment Treadmill. Take a Data-First, Questionnaire-Second Approach to TPRM
The work never ends. Every year, we onboard more third parties. And every year, our assessment workload gets worse. More resources to help? Not going to happen. Sound familiar? You’re not alone. We have been at this process for years, but it continues to get worse for your team and the people in your company that rely on your third parties. It doesn't have to be that way. It's time the flip the script and cut back on assessment questionnaires. Learn how the newest risk exchange models are eliminating 80% of questionnaire requests with data. Our expert will outline how to: • Instantly perform inherent risk analysis on your entire vendor portfolio • Incorporate assessment data into your process to reduce questionnaire requests • Map your questionnaire and controls to standard exchange questionnaires and ask fewer questions • Complete assessments on large, hard-to-assess third parties that don't respond to you • Monitor 100% of your portfolio -- not just your critical vendors TPRM doesn't have to be the most painful process in your company. Join us and start your program's evolution.
2. Black Kite: Beyond Checkboxes: Transforming TPRM with Automation and Agility
The old ways of managing third-party risk are failing. Questionnaires and manual processes are drowning us in a sea of checkboxes, while third-party breaches continue to rise. In this presentation, we'll explore how to ditch the outdated methods and embrace a new era of TPRM with automation and agility. Discover how to streamline assessments, gain real-time visibility into risk, and build a more secure future for your organization.
3. Certa: TPRM by Exception, The Future of TPRM Is Here Now —Traditional third-party risk management (TPRM) is no longer enough to keep pace with today’s evolving threat landscape. The future of TPRM isn’t more assessments; it’s exception-based risk management.
This session will explore how leading organizations are shifting from reactive assessments to real-time, exception-based risk management, leveraging AI and automation to eliminate manual inefficiencies and focus only on what truly matters.
You’ll learn:
What “TPRM by Exception” really means with AI and automation surfacing only risks that require action. The power of data-driven exception management, enabling organizations to pinpoint risks before they become threats.
Why real-time risk assessment is replacing static evaluations, allowing businesses to move from compliance-driven to proactive risk mitigation.
The tools and technology to achieve this exist today. Join us to discover how to streamline processes, enhance risk visibility, and stay ahead of regulatory expectations—without drowning in assessments.
Don’t just manage risk—master it.
4. BlueVoyant: Reducing Risk Across the Vendor Assessment LifecycleCommercial organizations are constantly increasing the number and variety of third parties they work with to meet business needs. From onboarding to offboarding every stage of the vendor lifecycle represents an opportunity and need for cyber risk reduction. To stay ahead of threats in the supply chain, Third Party Risk Management (TPRM) programs should be able to map and prioritize risk reduction processes in these varying lifecycle stages. This session will cover cyber-risk illumination and reduction best practices - including leveraging AI/ML - to continuously protect your outsourced critical business processes and data. Agenda: *Review the various stages that make up the vendor lifecycle *Cover best practices for ensuring cyber risk illumination and reduction is being carried out at each step *Incorporating validation of the accuracy of cyber-related questionnaire responses *Brief demo of the above
11:35am - 12:00pm ET
SESSION
Exhibitor Networking Break
12:00pm - 1:00pm ET
SESSION
Breakout Sessions Round 2SPEAKERS
1. Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
2. Bob Maley, CSO, Black Kite
3. Brian Shaw, VP Head of North America, Certa
4. Joey Carter, Sales Engineer, BlueVoyant
DESCRIPTION
1. ProcessUnity: Get Off the Assessment Treadmill. Take a Data-First, Questionnaire-Second Approach to TPRM
The work never ends. Every year, we onboard more third parties. And every year, our assessment workload gets worse. More resources to help? Not going to happen. Sound familiar? You’re not alone. We have been at this process for years, but it continues to get worse for your team and the people in your company that rely on your third parties. It doesn't have to be that way. It's time the flip the script and cut back on assessment questionnaires. Learn how the newest risk exchange models are eliminating 80% of questionnaire requests with data. Our expert will outline how to: • Instantly perform inherent risk analysis on your entire vendor portfolio • Incorporate assessment data into your process to reduce questionnaire requests • Map your questionnaire and controls to standard exchange questionnaires and ask fewer questions • Complete assessments on large, hard-to-assess third parties that don't respond to you • Monitor 100% of your portfolio -- not just your critical vendors TPRM doesn't have to be the most painful process in your company. Join us and start your program's evolution.
2. Black Kite: Beyond Checkboxes: Transforming TPRM with Automation and Agility
The old ways of managing third-party risk are failing. Questionnaires and manual processes are drowning us in a sea of checkboxes, while third-party breaches continue to rise. In this presentation, we'll explore how to ditch the outdated methods and embrace a new era of TPRM with automation and agility. Discover how to streamline assessments, gain real-time visibility into risk, and build a more secure future for your organization.
3. Certa: TPRM by Exception, The Future of TPRM Is Here Now —Traditional third-party risk management (TPRM) is no longer enough to keep pace with today’s evolving threat landscape. The future of TPRM isn’t more assessments; it’s exception-based risk management.
This session will explore how leading organizations are shifting from reactive assessments to real-time, exception-based risk management, leveraging AI and automation to eliminate manual inefficiencies and focus only on what truly matters.
You’ll learn:
What “TPRM by Exception” really means with AI and automation surfacing only risks that require action. The power of data-driven exception management, enabling organizations to pinpoint risks before they become threats.
Why real-time risk assessment is replacing static evaluations, allowing businesses to move from compliance-driven to proactive risk mitigation.
The tools and technology to achieve this exist today. Join us to discover how to streamline processes, enhance risk visibility, and stay ahead of regulatory expectations—without drowning in assessments.
Don’t just manage risk—master it.
4. BlueVoyant: Reducing Risk Across the Vendor Assessment LifecycleCommercial organizations are constantly increasing the number and variety of third parties they work with to meet business needs. From onboarding to offboarding every stage of the vendor lifecycle represents an opportunity and need for cyber risk reduction. To stay ahead of threats in the supply chain, Third Party Risk Management (TPRM) programs should be able to map and prioritize risk reduction processes in these varying lifecycle stages. This session will cover cyber-risk illumination and reduction best practices - including leveraging AI/ML - to continuously protect your outsourced critical business processes and data. Agenda: *Review the various stages that make up the vendor lifecycle *Cover best practices for ensuring cyber risk illumination and reduction is being carried out at each step *Incorporating validation of the accuracy of cyber-related questionnaire responses *Brief demo of the above
1:00pm - 2:00pm ET
SESSION
Networking Lunch
The Risk Launchpad: Your Hub for Expert Insights and Practical SolutionsDESCRIPTION
Need quick guidance on a pressing third-party risk management challenge? Looking for expert advice in a private, supportive setting? Welcome to The Risk Launchpad, where your toughest questions meet tailored solutions. This drop-in space is designed for attendees who:
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
2:00pm - 2:50pm ET
SESSION
Panel: The Legacy of Shared Assessments: 20 Years of Leadership in TPRM SPEAKERS
Cathy Allen, Founder, Board Risk Committee
Tom Garrubba, Vice President and Sr. Manager for Security Policy & Governance, PNC
Paul Kooney, Managing Director, Protiviti
Moderator: Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
A reflective panel celebrating the 20th anniversary of Shared Assessments. Panelists will discuss the key milestones in the organization's history, its impact on TPRM globally, and what the next 20 years might hold as we continue to chart new courses.
2:50pm - 3:40pm ET
SESSION
Panel: Obstacles to Standardization: Overcoming Fragmentation in Third-Party RiskSPEAKERS
Andrew Moyad, CEO, Shared Assessments
Dr. Angela Dogan, Associate Director Security Consulting, Kyndryl
Linnea Solem, CEO and Founder of Solem Risk Partners, LLC
Moderator: Mark Orsi, CEO, Global Resilience FederationDESCRIPTION
In a rapidly evolving regulatory and operational landscape, the promise of standardization in TPRM remains elusive. This session will tackle the complexities of harmonizing frameworks to enhance efficiency, reduce redundancy, and support continuous monitoring efforts. Experts will discuss how shared standards, evolving technologies, and collaboration across industries can pave the way toward a more cohesive future in third-party risk management.
3:40pm - 4:00pm ET
SESSION
Closing Remarks SPEAKERS
Andrew Moyad, CEO, Shared Assessments
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am - 8:30am ET
SESSION
Breakfast Buffet 8:30am ET
SESSION
Opening Remarks & AwardsSPEAKERS
Andrew Moyad, CEO, Shared Assessments 8:45am ET
SESSION
Keynote
SPEAKERS
Heidi Grant, Former Director of the Defense Security Cooperation AgencyDESCRIPTION
Mitigating Geopolitcal Risks in Global Supply Chains
9:15am ET
SESSION
Panel: Expanding the Horizons of AI and Emerging Technologies in Risk ManagementSPEAKERS
Katie Boswell, Securing AI Lead, KPMG
Konstantinos Karagiannis, Director Quantum Computing Services, Protiviti, Inc.
Mark Wehrle, Director Cyber Risk & Awareness, The Campbell's Company
Jonathan Dambrot, CEO, Cranium
Moderator: Andrew Moyad, CEO, Shared Assessments DESCRIPTION
Discover how AI and cutting-edge technologies are reshaping the TPRM landscape. Panelists will discuss actionable strategies for integrating AI into risk assessment, addressing quantum computing challenges, and leveraging blockchain to enhance vendor management.
10:05am - 10:35am ET
SESSION
Exhibitor Networking Break 10:35am ET
SESSION
Breakout Sessions Round 1SPEAKERS
1. Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
2. Bob Maley, CSO, Black Kite
3. Brian Shaw, VP Head of North America, Cera
4. Joey Carter, Sales Engineer, BlueVoyant
DESCRIPTION
1. ProcessUnity: Get Off the Assessment Treadmill. Take a Data-First, Questionnaire-Second Approach to TPRM
The work never ends. Every year, we onboard more third parties. And every year, our assessment workload gets worse. More resources to help? Not going to happen. Sound familiar? You’re not alone. We have been at this process for years, but it continues to get worse for your team and the people in your company that rely on your third parties. It doesn't have to be that way. It's time the flip the script and cut back on assessment questionnaires. Learn how the newest risk exchange models are eliminating 80% of questionnaire requests with data. Our expert will outline how to: • Instantly perform inherent risk analysis on your entire vendor portfolio • Incorporate assessment data into your process to reduce questionnaire requests • Map your questionnaire and controls to standard exchange questionnaires and ask fewer questions • Complete assessments on large, hard-to-assess third parties that don't respond to you • Monitor 100% of your portfolio -- not just your critical vendors TPRM doesn't have to be the most painful process in your company. Join us and start your program's evolution.
2. Black Kite: Beyond Checkboxes: Transforming TPRM with Automation and Agility
The old ways of managing third-party risk are failing. Questionnaires and manual processes are drowning us in a sea of checkboxes, while third-party breaches continue to rise. In this presentation, we'll explore how to ditch the outdated methods and embrace a new era of TPRM with automation and agility. Discover how to streamline assessments, gain real-time visibility into risk, and build a more secure future for your organization.
3. Certa: TPRM by Exception, The Future of TPRM Is Here Now —Traditional third-party risk management (TPRM) is no longer enough to keep pace with today’s evolving threat landscape. The future of TPRM isn’t more assessments; it’s exception-based risk management.
This session will explore how leading organizations are shifting from reactive assessments to real-time, exception-based risk management, leveraging AI and automation to eliminate manual inefficiencies and focus only on what truly matters.
You’ll learn:
What “TPRM by Exception” really means with AI and automation surfacing only risks that require action. The power of data-driven exception management, enabling organizations to pinpoint risks before they become threats.
Why real-time risk assessment is replacing static evaluations, allowing businesses to move from compliance-driven to proactive risk mitigation.
The tools and technology to achieve this exist today. Join us to discover how to streamline processes, enhance risk visibility, and stay ahead of regulatory expectations—without drowning in assessments.
Don’t just manage risk—master it.
4. BlueVoyant: Reducing Risk Across the Vendor Assessment LifecycleCommercial organizations are constantly increasing the number and variety of third parties they work with to meet business needs. From onboarding to offboarding every stage of the vendor lifecycle represents an opportunity and need for cyber risk reduction. To stay ahead of threats in the supply chain, Third Party Risk Management (TPRM) programs should be able to map and prioritize risk reduction processes in these varying lifecycle stages. This session will cover cyber-risk illumination and reduction best practices - including leveraging AI/ML - to continuously protect your outsourced critical business processes and data. Agenda: *Review the various stages that make up the vendor lifecycle *Cover best practices for ensuring cyber risk illumination and reduction is being carried out at each step *Incorporating validation of the accuracy of cyber-related questionnaire responses *Brief demo of the above
11:35am - 12:00pm ET
SESSION
Exhibitor Networking Break
12:00pm - 1:00pm ET
SESSION
Breakout Sessions Round 2SPEAKERS
1. Ed Thomas, SVP Marketing & Sales Operations, ProcessUnity
2. Bob Maley, CSO, Black Kite
3. Brian Shaw, VP Head of North America, Certa
4. Joey Carter, Sales Engineer, BlueVoyant
DESCRIPTION
1. ProcessUnity: Get Off the Assessment Treadmill. Take a Data-First, Questionnaire-Second Approach to TPRM
The work never ends. Every year, we onboard more third parties. And every year, our assessment workload gets worse. More resources to help? Not going to happen. Sound familiar? You’re not alone. We have been at this process for years, but it continues to get worse for your team and the people in your company that rely on your third parties. It doesn't have to be that way. It's time the flip the script and cut back on assessment questionnaires. Learn how the newest risk exchange models are eliminating 80% of questionnaire requests with data. Our expert will outline how to: • Instantly perform inherent risk analysis on your entire vendor portfolio • Incorporate assessment data into your process to reduce questionnaire requests • Map your questionnaire and controls to standard exchange questionnaires and ask fewer questions • Complete assessments on large, hard-to-assess third parties that don't respond to you • Monitor 100% of your portfolio -- not just your critical vendors TPRM doesn't have to be the most painful process in your company. Join us and start your program's evolution.
2. Black Kite: Beyond Checkboxes: Transforming TPRM with Automation and Agility
The old ways of managing third-party risk are failing. Questionnaires and manual processes are drowning us in a sea of checkboxes, while third-party breaches continue to rise. In this presentation, we'll explore how to ditch the outdated methods and embrace a new era of TPRM with automation and agility. Discover how to streamline assessments, gain real-time visibility into risk, and build a more secure future for your organization.
3. Certa: TPRM by Exception, The Future of TPRM Is Here Now —Traditional third-party risk management (TPRM) is no longer enough to keep pace with today’s evolving threat landscape. The future of TPRM isn’t more assessments; it’s exception-based risk management.
This session will explore how leading organizations are shifting from reactive assessments to real-time, exception-based risk management, leveraging AI and automation to eliminate manual inefficiencies and focus only on what truly matters.
You’ll learn:
What “TPRM by Exception” really means with AI and automation surfacing only risks that require action. The power of data-driven exception management, enabling organizations to pinpoint risks before they become threats.
Why real-time risk assessment is replacing static evaluations, allowing businesses to move from compliance-driven to proactive risk mitigation.
The tools and technology to achieve this exist today. Join us to discover how to streamline processes, enhance risk visibility, and stay ahead of regulatory expectations—without drowning in assessments.
Don’t just manage risk—master it.
4. BlueVoyant: Reducing Risk Across the Vendor Assessment LifecycleCommercial organizations are constantly increasing the number and variety of third parties they work with to meet business needs. From onboarding to offboarding every stage of the vendor lifecycle represents an opportunity and need for cyber risk reduction. To stay ahead of threats in the supply chain, Third Party Risk Management (TPRM) programs should be able to map and prioritize risk reduction processes in these varying lifecycle stages. This session will cover cyber-risk illumination and reduction best practices - including leveraging AI/ML - to continuously protect your outsourced critical business processes and data. Agenda: *Review the various stages that make up the vendor lifecycle *Cover best practices for ensuring cyber risk illumination and reduction is being carried out at each step *Incorporating validation of the accuracy of cyber-related questionnaire responses *Brief demo of the above
1:00pm - 2:00pm ET
SESSION
Networking Lunch
The Risk Launchpad: Your Hub for Expert Insights and Practical SolutionsDESCRIPTION
Need quick guidance on a pressing third-party risk management challenge? Looking for expert advice in a private, supportive setting? Welcome to The Risk Launchpad, where your toughest questions meet tailored solutions. This drop-in space is designed for attendees who:
- Have a specific TPRM issue to troubleshoot with Shared Assessments Senior Advisors and TPRM Principals.
- Seek one-on-one conversations in a more informal setting.
- Want actionable advice to take back to their organization right away.
No appointments or pre-registration required—simply stop by, share your concerns, and engage with experts ready to help you navigate your challenges. From regulatory compliance dilemmas to operational disruptions, our SMEs are here to equip you with insights and strategies for success.
2:00pm - 2:50pm ET
SESSION
Panel: The Legacy of Shared Assessments: 20 Years of Leadership in TPRM SPEAKERS
Cathy Allen, Founder, Board Risk Committee
Tom Garrubba, Vice President and Sr. Manager for Security Policy & Governance, PNC
Paul Kooney, Managing Director, Protiviti
Moderator: Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
A reflective panel celebrating the 20th anniversary of Shared Assessments. Panelists will discuss the key milestones in the organization's history, its impact on TPRM globally, and what the next 20 years might hold as we continue to chart new courses.
2:50pm - 3:40pm ET
SESSION
Panel: Obstacles to Standardization: Overcoming Fragmentation in Third-Party RiskSPEAKERS
Andrew Moyad, CEO, Shared Assessments
Dr. Angela Dogan, Associate Director Security Consulting, Kyndryl
Linnea Solem, CEO and Founder of Solem Risk Partners, LLC
Moderator: Mark Orsi, CEO, Global Resilience FederationDESCRIPTION
In a rapidly evolving regulatory and operational landscape, the promise of standardization in TPRM remains elusive. This session will tackle the complexities of harmonizing frameworks to enhance efficiency, reduce redundancy, and support continuous monitoring efforts. Experts will discuss how shared standards, evolving technologies, and collaboration across industries can pave the way toward a more cohesive future in third-party risk management.
3:40pm - 4:00pm ET
SESSION
Closing Remarks SPEAKERS
Andrew Moyad, CEO, Shared Assessments
Speakers
The Summit is the opportunity to collaborate with peers, learn and energize your TPRM career for the upcoming year. It’s a charging station of positive risk management energy! That’s why I never miss it.
—Luc Levensohn, Manager, Information Risk Management, Staples
“Bitsight has been a proud sponsor of the Shared Assessments conference for years. We love the opportunity to connect with third-party risk professionals, discuss new and emerging trends, and share our experiences
in the market.”
in the market.”
— Jake Olcott, Vice President, Bitsight Technologies
“The Shared Assessment Summit is one of the few “I can’t miss” sessions of the year. It provides the latest in innovation, major external factors impacting our industries delivered through expert speakers, and connection to some of the best people in our industry.”
— Mark Holladay, Chief Risk Officer, Synovus Bank
“Most conferences have good speakers and good agendas. Where the Shared Assessments stands apart is the level of camaraderie and networking. There is truly nothing like this group and this Summit.”
— Dan Desko, CEO & Managing Partner, Echelon Risk + Cyber
“Participating in the Summit opened opportunities to work with professionals and understand the essential work and sharing of expertise is extended by encouragement to participate in forums conducted throughout the year. This was a high-quality experience that pays continuous dividends.”
— Julia Perry, Senior Program Manager, Security and Compliance, Mortech, a Zillow Group Business
Pricing
SUMMIT + CTPRP or CTPRA CLASS
Members: $3,344
Non-Members: $4,644
SUMMIT ONLY
Members: $1,999
Non-Members: $2,999
CTPRP or CTPRA CLASS ONLY
Members: $1,345
Non-Members: $1,645
Refund/Cancellation Policy
Registrants may cancel their registration and obtain a refund based on the following schedule:
Cancellations prior to January 1, 2025: Cancelling registrants will receive a refund of the registration fee paid less a $125 administration fee.
Cancellation between January 1, 2025, and February 29, 2025: Cancelling registrants will receive a refund of fifty per cent (50%) of the registration fees paid.
Cancellations after February 29, 2025: Cancelling registrants will receive no refunds of registration fees paid.
To request a refund, please email accounting@sharedassessments.org.