Shared Assessments 18th Annual Third-Party Risk Summit 2025 (USA)

March 26-27th, 2025

The Westin Fort Lauderdale Beach Resort

Third-Party Risk Summit

Join us as we celebrate the 20th Anniversary of Shared Assessments and the 18th Annual Third-Party Risk Summit—the premier global event for advancing third-party risk management across industries. This milestone for our organization and Summit shines a spotlight on cutting-edge processes, emerging technologies, and strategies driving efficiencies throughout the risk universe and beyond.

For two decades, the Shared Assessments Annual Third-Party Risk Summit has been the ultimate gathering of industry thought leaders and risk management experts. This year, we’re raising the bar by exploring future trends, sharing actionable insights, and celebrating 20 years of education, innovation, and excellence.

Attendees will gain unparalleled opportunities to network with peers, benchmark program maturity, and discover how to harness best practices and transformative technologies to elevate their risk management strategies. Don’t miss this special celebration of leadership and innovation in the risk management community, taking us light years into the next galaxy!

This event offers 13 Continuing Professional Education Credits (CPEs) for attending both Day 1 and Day 2.

Interested in Sponsorship Opportunities for Summit?

Pre-Summit Education

Certified Third Party Risk Professional (CTPRP)

Certified Third Party Risk Assessor (CTPRA)

Join us in person for a CTPRP or a CTPRA course hosted on March 25th, 2025, prior to our Third Party Risk USA Summit. These designations from the Shared Assessments Program validate expertise, and provide professional credibility, recognition, and marketability in third-party risk. 

To learn more about the class, the exam, and maintaining your certification, see the FAQs at the bottom of the CTPRP or CTPRA page on our website.

Cost: Members: $1,345 | Non-Members: $1,645

Event Location: The Westin Fort Lauderdale Beach Resort | Fort Lauderdale, FL

Date: March 25th, 2025 | 8:00am – 6:00pm ET

CPEs: Completion of this course will earn 12 CPEs.

Interested in Speaking at Summit?

Hotel

We are back! Join us where the warm waters of the Atlantic meet the sparkling sand, and create lasting risk management memories at The Westin Fort Lauderdale Beach Resort. This hotel is a true oceanfront oasis, designed to enhance your wellbeing. Say yes to the outdoor heated pool and the beach access skywalk!

Luc Levensohn

The Summit is the opportunity to collaborate with peers, learn and energize your TPRM career for the upcoming year. It’s a charging station of positive risk management energy! That’s why I never miss it.

—Luc Levensohn, Manager, Information Risk Management, Staples
Jake Olcott

“Bitsight has been a proud sponsor of the Shared Assessments conference for years. We love the opportunity to connect with third-party risk professionals, discuss new and emerging trends, and share our experiences
in the market.”

— Jake Olcott, Vice President, Bitsight Technologies

Schedule

The schedule is under development and subject to change – be sure to check back for updates:

  • Wednesday, March 26
  • Thursday, March 27
Time
Session
Speakers
Description
7:30am ET
Registration Opens
7:30am - 8:30am ET
Breakfast Buffet
8:30am ET
Welcome & Opening Remarks
Andrew Moyad, CEO, Shared Assessments
Captain’s Log: Charting the Future of TPRM Beyond Our First 20 Years
9:00am ET
Panel: Expanding the Horizons of AI and Emerging Technologies in Risk Management
Katie Boswell, Managing Director, KPMG

Konstantinos Karagiannis, Director Quantum Computing Services, Protiviti, Inc.

Mark Wehrle, Director Cyber Risk & Awareness, Campbells

Moderator: Andrew Moyad, CEO, Shared Assessments
Discover how AI and cuttingedge technologies are reshaping the TPRM landscape. Panelists will discuss actionable strategies for integrating AI into risk assessment, addressing quantum computing challenges, and leveraging blockchain to enhance vendor management.
9:50am ET
Exhibitor Networking Break
10:20am ET
Panel: Navigating the Regulatory Constellation: Cross Jurisdictional Compliance
TBA
This session will explore strategies for navigating the complexities of cross-jurisdictional compliance, including insights on DORA, NIS2 and GDPR related mandates. Industry experts will share real-world approaches to harmonizing regulatory requirements across regions, avoiding common pitfalls, and ensuring that your risk management strategies stay aligned as new stars appear in the regulatory sky.
11:10am ET
Sponsored Keynote: Preparing for the Quantum Future: Securing Vendor Ecosystems
TBA
11:40am
Networking Lunch
1:00pm ET
Afternoon Tracks 1

Thought Leadership Panel:
To Boldly Automate: Harnessing Automation for Efficient TPRM
TBA
Automation in TPRM is the future. This panel will explore how cutting edge AI tools can automate vendor onboarding, risk assessments, and continuous monitoring, providing organizations with timely and accurate risk data.
1:00pm ET
Afternoon Tracks 1

Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners
Deb Zoppy, Head of TPRM & Business Resiliency Oversight, Guardian

Bob Maley, CSO, BlackKite

Moderator: Sheria Williams, TPRM Principal, Products and Support
Continuous monitoring is the cornerstone of proactive third-party risk management but creating a sustainable and comprehensive monitoring ecosystem requires more than just tools. This session offers a hands-on exploration of the strategies, frameworks, and methodologies that practitioners need to integrate diverse data sources—including financial assessments, ESG ratings, and real-time alerts—into their monitoring practices. Designed for TPRM professionals looking to elevate their strategies, this session ensures you leave with the insights and techniques necessary to build a resilient monitoring ecosystem that adapts to today’s complex risk landscape.
1:50pm ET
Transition/Break
2:00pm ET
Afternoon Tracks 2

Thought Leadership Track: Navigating the Dual Horizon: B2B Challenges in TPRM
Brendan Novotny, Director of TPRM, SEI Investments
Business-to-business (B2B) organizations face a unique set of challenges in third-party risk management, balancing the complexities of managing their vendors while meeting the heightened expectations of informed, highly regulated clients. This session explores strategies to address these dual responsibilities, emphasizing practical approaches to achieving operational resilience and compliance. Whether you’re managing risk for a B2B enterprise or collaborating with client-driven ecosystems, this session will equip you with forward-looking strategies to tackle these challenges head-on and build a stronger, more adaptive TPRM program.
2:00pm ET
Afternoon Tracks 2

Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique Relationships
Becky Brown, SEI Investments

Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group

Jan Lucero, Senior Director, Third Party Risk Management, Transamerica

Dan Even, Senior Manager - Third Party Risk Management (TPRM) - Supply Chain Management, Mayo Clinic
Not all third-party relationships fit neatly into traditional risk management frameworks. From facilities management to sub-advisors and beyond, non-traditional vendors require tailored approaches that go beyond the standard assessment process. This session explores innovative strategies to categorize and manage these unique relationships while ensuring compliance and mitigating risk. Designed for practitioners seeking actionable solutions, this discussion will equip you with the tools to build more inclusive and efficient TPRM strategies for the full spectrum of vendor relationships.
2:50pm ET
Transition/Break
3:00pm ET
Afternoon Tracks 3

Thought Leadership Panel: Evolving Regulatory Compliance Post-DORA and NIS2

John Ingold, Head of Supplier Management, T. Rowe Price

Mark Orsi, CEO, Global Resilience Federation
As regulatory landscapes grow more complex, organizations must develop strategies that ensure both operational and regulatory resilience. This panel will explore how evolving frameworks like DORA, NIS2, and AI regulations are reshaping third-party risk management practices. Experts will discuss actionable approaches to:

- Harmonize compliance efforts across jurisdictions.

-Strengthen operational resilience by aligning risk management frameworks with regulatory demands.

-Proactively address the intersection of ESG and TPRM requirements.
3:00pm ET
Afternoon Tracks 3

Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and Automation
Julie Gaiaschi, CEO & Co-Founder, Third Party Risk Association

Tammy Knies, CPO, Eastern Bank

Shamul Haque, Outside General Counsel, Shared Assessments

Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared Assessments
A detailed discussion on how to build flexible, risk-sensitive contracts with third parties that can accommodate emerging risks, such as AI governance and cybersecurity threats.
3:50pm - 4:20pm ET
Exhibitor Networking Break
4:20pm ET
Panel: The Legacy of Shared Assessments: 20 Years of Leadership in TPRM
Cathy Allen, Founder, Board Risk Committee

Tom Garrubba, Vice President and Sr. Manager for Security Policy & Governance, PNC

Paul Kooney, Managing Director, Protiviti

Moderator: Andrew Moyad, CEO, Shared Assessments
A reflective panel celebrating the 20th anniversary of Shared Assessments. Panelists will discuss the key milestones in the organization's history, its impact on TPRM globally, and what the next 20 years might hold as we continue to chart new courses.
5:10pm ET
Closing Remarks
Andrew Moyad, CEO, Shared Assessments
5:30pm ET
Networking Reception
Wednesday, March 26
Time
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am ET
SESSION
Registration Opens 7:30am - 8:30am ET
SESSION
Breakfast Buffet 8:30am ET
SESSION
Welcome & Opening RemarksSPEAKERS
Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
Captain’s Log: Charting the Future of TPRM Beyond Our First 20 Years
9:00am ET
SESSION
Panel: Expanding the Horizons of AI and Emerging Technologies in Risk Management SPEAKERS
Katie Boswell, Managing Director, KPMG

Konstantinos Karagiannis, Director Quantum Computing Services, Protiviti, Inc.

Mark Wehrle, Director Cyber Risk & Awareness, Campbells

Moderator: Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
Discover how AI and cuttingedge technologies are reshaping the TPRM landscape. Panelists will discuss actionable strategies for integrating AI into risk assessment, addressing quantum computing challenges, and leveraging blockchain to enhance vendor management.
9:50am ET
SESSION
Exhibitor Networking Break 10:20am ET
SESSION
Panel: Navigating the Regulatory Constellation: Cross Jurisdictional ComplianceSPEAKERS
TBADESCRIPTION
This session will explore strategies for navigating the complexities of cross-jurisdictional compliance, including insights on DORA, NIS2 and GDPR related mandates. Industry experts will share real-world approaches to harmonizing regulatory requirements across regions, avoiding common pitfalls, and ensuring that your risk management strategies stay aligned as new stars appear in the regulatory sky.
11:10am ET
SESSION
Sponsored Keynote: Preparing for the Quantum Future: Securing Vendor EcosystemsSPEAKERS
TBA 11:40am
SESSION
Networking Lunch 1:00pm ET
SESSION
Afternoon Tracks 1

Thought Leadership Panel:
To Boldly Automate: Harnessing Automation for Efficient TPRM SPEAKERS
TBA DESCRIPTION
Automation in TPRM is the future. This panel will explore how cutting edge AI tools can automate vendor onboarding, risk assessments, and continuous monitoring, providing organizations with timely and accurate risk data.
1:00pm ET
SESSION
Afternoon Tracks 1

Practitioner Panel: Building a Continuous Monitoring Ecosystem: Insights for TPRM Practitioners SPEAKERS
Deb Zoppy, Head of TPRM & Business Resiliency Oversight, Guardian

Bob Maley, CSO, BlackKite

Moderator: Sheria Williams, TPRM Principal, Products and SupportDESCRIPTION
Continuous monitoring is the cornerstone of proactive third-party risk management but creating a sustainable and comprehensive monitoring ecosystem requires more than just tools. This session offers a hands-on exploration of the strategies, frameworks, and methodologies that practitioners need to integrate diverse data sources—including financial assessments, ESG ratings, and real-time alerts—into their monitoring practices. Designed for TPRM professionals looking to elevate their strategies, this session ensures you leave with the insights and techniques necessary to build a resilient monitoring ecosystem that adapts to today’s complex risk landscape.
1:50pm ET
SESSION
Transition/Break 2:00pm ET
SESSION
Afternoon Tracks 2

Thought Leadership Track: Navigating the Dual Horizon: B2B Challenges in TPRM
SPEAKERS
Brendan Novotny, Director of TPRM, SEI Investments DESCRIPTION
Business-to-business (B2B) organizations face a unique set of challenges in third-party risk management, balancing the complexities of managing their vendors while meeting the heightened expectations of informed, highly regulated clients. This session explores strategies to address these dual responsibilities, emphasizing practical approaches to achieving operational resilience and compliance. Whether you’re managing risk for a B2B enterprise or collaborating with client-driven ecosystems, this session will equip you with forward-looking strategies to tackle these challenges head-on and build a stronger, more adaptive TPRM program.
2:00pm ET
SESSION
Afternoon Tracks 2

Practitioner Panel: Non-Traditional Vendors: Rethinking Risk Management for Unique RelationshipsSPEAKERS
Becky Brown, SEI Investments

Mary Kay Merkt, Director Vendor Management & Procurement, Johnson Financial Group

Jan Lucero, Senior Director, Third Party Risk Management, Transamerica

Dan Even, Senior Manager - Third Party Risk Management (TPRM) - Supply Chain Management, Mayo Clinic DESCRIPTION
Not all third-party relationships fit neatly into traditional risk management frameworks. From facilities management to sub-advisors and beyond, non-traditional vendors require tailored approaches that go beyond the standard assessment process. This session explores innovative strategies to categorize and manage these unique relationships while ensuring compliance and mitigating risk. Designed for practitioners seeking actionable solutions, this discussion will equip you with the tools to build more inclusive and efficient TPRM strategies for the full spectrum of vendor relationships.
2:50pm ET
SESSION
Transition/Break 3:00pm ET
SESSION
Afternoon Tracks 3

Thought Leadership Panel: Evolving Regulatory Compliance Post-DORA and NIS2

SPEAKERS
John Ingold, Head of Supplier Management, T. Rowe Price

Mark Orsi, CEO, Global Resilience FederationDESCRIPTION
As regulatory landscapes grow more complex, organizations must develop strategies that ensure both operational and regulatory resilience. This panel will explore how evolving frameworks like DORA, NIS2, and AI regulations are reshaping third-party risk management practices. Experts will discuss actionable approaches to:

- Harmonize compliance efforts across jurisdictions.

-Strengthen operational resilience by aligning risk management frameworks with regulatory demands.

-Proactively address the intersection of ESG and TPRM requirements.
3:00pm ET
SESSION
Afternoon Tracks 3

Practitioner Panel: Engineering Vendor Contracts for the Future: Risk, Responsibility, and AutomationSPEAKERS
Julie Gaiaschi, CEO & Co-Founder, Third Party Risk Association

Tammy Knies, CPO, Eastern Bank

Shamul Haque, Outside General Counsel, Shared Assessments

Moderator: Jennifer Hancock, SVP Professional Development & Education, Shared AssessmentsDESCRIPTION
A detailed discussion on how to build flexible, risk-sensitive contracts with third parties that can accommodate emerging risks, such as AI governance and cybersecurity threats.
3:50pm - 4:20pm ET
SESSION
Exhibitor Networking Break 4:20pm ET
SESSION
Panel: The Legacy of Shared Assessments: 20 Years of Leadership in TPRM SPEAKERS
Cathy Allen, Founder, Board Risk Committee

Tom Garrubba, Vice President and Sr. Manager for Security Policy & Governance, PNC

Paul Kooney, Managing Director, Protiviti

Moderator: Andrew Moyad, CEO, Shared AssessmentsDESCRIPTION
A reflective panel celebrating the 20th anniversary of Shared Assessments. Panelists will discuss the key milestones in the organization's history, its impact on TPRM globally, and what the next 20 years might hold as we continue to chart new courses.
5:10pm ET
SESSION
Closing RemarksSPEAKERS
Andrew Moyad, CEO, Shared Assessments 5:30pm ET
SESSION
Networking Reception
Thursday, March 27
Time
SESSION
SessionSPEAKERS
SpeakersDESCRIPTION
Description
7:30am - 8:30am ET
SESSION
Breakfast Buffet 8:45am ET
SESSION
Opening Remarks & AwardsSPEAKERS
Andrew Moyad, CEO, Shared Assessments 9:00am ET
SESSION
Keynote: Geopolitical Risks: Navigating New Frontiers in Global Supply ChainsSPEAKERS
TBA 9:30am ET
SESSION
Panel: Securing the Cloud Frontier: Protecting Third-Party Ecosystems in 2025SPEAKERS
Erin Joe, Office of the CISO, Senior Executive, Cybersecurity/Readiness, Google

Moderator: Chris Johnson, Senior Advisor, Shared AssessmentsDESCRIPTION
As organizations increasingly rely on cloud solutions for critical operations, the need for robust cloud security within third-party ecosystems has never been more urgent. This panel will explore the evolving landscape of cloud security and its integration with third-party risk management practices, providing actionable guidance for risk managers navigating these challenges in 2025.
10:20am - 10:50am ET
SESSION
Exhibitor Networking Break 10:50am ET
SESSION
Breakout Sessions Round 1SPEAKERS
TBADESCRIPTION
1. ProcessUnity

2. Black Kite

3. Certa

11:50am ET
SESSION
Networking Lunch 1:00pm ET
SESSION
Breakout Sessions Round 2SPEAKERS
TBADESCRIPTION
1. ProcessUnity

2. Black Kite

3. Certa

2:00pm - 2:30pm ET
SESSION
Exhibitor Networking Break 2:30pm ET
SESSION
Panel: The Risk Horizon: Addressing Inherent Challenges in Complex EcosystemsDESCRIPTION
In today’s interconnected world, managing inherent risk within complex third-party ecosystems is more challenging than ever. As organizations expand their global networks and regulatory scrutiny intensifies, identifying and addressing inherent risks requires strategic foresight and a comprehensive approach. Join industry leaders as they share insights, case studies, and forward-looking strategies to help you navigate the complexities of inherent risk management, ensuring resilience and adaptability in your TPRM program.
3:20pm ET
SESSION
Panel: Standardization - How Far Have We Come? What do the next 20 years look like?SPEAKERS
Troy Leach, CSO, CSA

Andrew Moyad, CEO, Shared Assessments

Moderator: Mark Orsi, CEO, Global Resilience FederationDESCRIPTION
In a rapidly evolving regulatory and operational landscape, the promise of standardization in TPRM remains elusive. This session will tackle the complexities of harmonizing frameworks to enhance efficiency, reduce redundancy, and support continuous monitoring efforts. Experts will discuss how shared standards, evolving technologies, and collaboration across industries can pave the way toward a more cohesive future in third-party risk management.
4:10pm ET
SESSION
Closing Remarks SPEAKERS
Andrew Moyad, CEO, Shared Assessments
Mark Holladay
“The Shared Assessment Summit is one of the few “I can’t miss” sessions of the year. It provides the latest in innovation, major external factors impacting our industries delivered through expert speakers, and connection to some of the best people in our industry.”
— Mark Holladay, Chief Risk Officer, Synovus Bank

Pricing

SUMMIT + CTPRP or CTPRA CLASS

Members: $3,344

Non-Members: $4,644

SUMMIT ONLY

Members: $1,999

Non-Members: $2,999

CTPRP or CTPRA CLASS ONLY

Members: $1,345

Non-Members: $1,645

Dan Desko

“Most conferences have good speakers and good agendas. Where the Shared Assessments stands apart is the level of camaraderie and networking. There is truly nothing like this group and this Summit.”

Dan Desko, CEO & Managing Partner, Echelon Risk + Cyber

Speakers

Katie Boswell

Managing Director Cyber Security, KPMG

Konstantinos Karagiannis

Director, Quantum Computing Services, Protiviti

Debra Zoppy

Member, Head of Third Party Risk, Guardian Life Insurance Company of America

Bob Maley

Member, Chief Security Officer, Black Kite

Brendan Novotny

Director of Third Party & Operational Risk Management, SEI Investments

Mark Orsi

CEO, Global Resilience Federation

Julie Gaiaschi

CEO & Co-Founder, Third Party Risk Association (TPRA)

Jennifer Hancock

SVP, Professional Development & Education, Shared Assessments

Mark Wehrle

Director Cyber Risk & Awareness, Campbells

Paul Kooney

Managing Director, Protiviti, Inc.

Erin Joe

Senior Executive and Advisor Cybersecurity, Google Cloud Office of the CISO

Troy Leach

CSO, Cloud Security Alliance

Tom Garrubba

Vice President and Sr. Manager for Security Policy & Governance, PNC

Tammy Knies

CPO, Eastern Bank

Becky Brown

Program Manager for Third Party Risk Management, SEI Investments Company

Dan Even

Senior Manager - Third Party Risk Management (TPRM) - Supply Chain Management, Mayo Clinic

John Ingold

Head of Supplier Management, T. Rowe Price

Sheria Williams

TPRM Principal, Products and Support Team, Shared Assessments

Chris Johnson

Senior Advisor, Shared Assessments

Shamul Haque

Outside General Counsel, Shared Assessments

Catherine A. Allen

Founder and Chair of the Board, Board Risk Committee

Andrew Moyad

Chief Executive Officer, Shared Assessments

Julia Perry

“Participating in the Summit opened opportunities to work with professionals and understand the essential work and sharing of expertise is extended by encouragement to participate in forums conducted throughout the year. This was a high-quality experience that pays continuous dividends.”

— Julia Perry, Senior Program Manager, Security and Compliance, Mortech, a Zillow Group Business

Refund/Cancellation Policy

Registrants may cancel their registration and obtain a refund based on the following schedule:

Cancellations prior to January 1, 2025: Cancelling registrants will receive a refund of the registration fee paid less a $125 administration fee.

Cancellation between January 1, 2025, and February 29, 2025: Cancelling registrants will receive a refund of fifty per cent (50%) of the registration fees paid.

 Cancellations after February 29, 2025: Cancelling registrants will receive no refunds of registration fees paid. 

To request a refund, please email accounting@sharedassessments.org.