DAY ONE
Tuesday | April 18, 2023
SESSION 1
1:00pm – 1:50pm ET
Inherent Risk vs Residual Vendor Risk: The Basics of What You Need to Know
While inherent and residual third-party risks are certainly interconnected, they differ in how they are established and applied in your third-party risk management process. Learn how inherent risk differs from residual risk and the role they play when determining acceptable risk levels for your organization.
By Hilary Jewhurst at Venminder
DAY TWO
DAY THREE
SESSION 2
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
Steps and Strategies of Vendor Due Diligence
Due diligence is not a one-and-done process. It should be risk-based, refreshed periodically, and tailored to match the product or service provided by a third party with collection of specific documents. Learn all about vendor due diligence during this session.
By Graig Cameron at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm – 3:00pm ET
Agenda
Agenda
| Day 1
DAY ONE
Wednesday | April 19, 2023
SESSION 3
1:00pm – 1:50pm ET
An Overview of Critical Vendors, Fourth Parties, and Exit Strategies Within Contracts
Vendor contracts work both as a roadmap to guide you through the business relationship and as a safety net. The greater the business risk, the more extensive and well-written the contract will need to be. Learn special considerations to be aware of in contracts to reduce risk and address critical, fourth, and Nth vendors.
By Kelly Vick at Venminder
DAY TWO
DAY THREE
SESSION 4
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
An Understanding of Vendor Data Breaches
It's no secret that data breaches have been on the rise. Hackers don't discriminate when looking for an asset to attack. This session covers what a vendor data breach means to you and the next steps and best practices to implement to handle the breach so that it limits the impact to you and your customers.
By Lisa-Mae Hill at Venminder
Third-Party Risk Management and Supply Chain
In today’s business climate, organizations are exposed to many supply chain risks. Third-party risk management is a practice that can help your organization identify these risks and begin to mitigate them. This session will discuss what you need to know about third-party risk management and supply chain, and how you can use vendor business continuity planning to assist with managing those supply chain risks.
By Lisa-Mae Hill at Venminder
Complementary User Entity Controls (CUECs) Within Vendor SOC Reports
Your organization is responsible for reviewing and implementing applicable vendor controls, playing an active part in supporting the operating effectiveness of your vendor. Without implementing a SOC report’s complementary user entity controls (CUECs), the service organization’s/vendor’s controls will not operate as intended, thus potentially producing material weaknesses. This session will discuss vendor SOC reporting and the role CUECs have.
By Lisa-Mae Hill at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm – 3:00pm ET
Agenda
Agenda
DAY ONE
Thursday | April 20, 2023
SESSION 5
1:00pm – 1:50pm ET
ESG: Is Your Organization Ready?
Environmental, social, and governance is more than a hot topic. Due to the demand for ESG disclosure and reporting, and the variations in regulations, it's important to understand the basics of ESG before rolling it out to your vendors. Our session focuses on ESG goals in third-party risk management, the implications for your vendors, and what to consider before getting started with ESG in your TPRM program.
By Hilary Jewhurst at Venminder
DAY TWO
DAY THREE
SESSION 6
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
Program Metrics and Reporting in Third-Party Risk Management
When you consider the number of vendor risks to identify, assess, and manage throughout the third-party risk management lifecycle, it becomes increasingly clear that reporting is an essential part of a third-party risk management program. Understanding when and whom to report to can be challenging with so many vendors. Learn how reporting data can be used to confirm an organization’s compliance and make decisions regarding the third-party risk management program.
By Jill Sherman at Venminder
Vendor Financial Health in Today’s Business Climate
You must actively monitor your vendor’s financial health to manage the financial risk each third party poses to your organization. Assessing your vendor’s financial health can determine whether a vendor has the financial viability to provide the product or service they’re contracted, making financial health a critical part of an effective third-party risk management program. This session covers financial health in today’s business climate.
By Ramin Zacharia at Venminder
The Importance of Vendor Performance Management
Neglecting vendor performance opens the door to regulatory non-compliance, financial loss, and reputational damage, especially for critical and high-risk vendor relationships. Vendor performance management is an essential risk management tool. This session covers vendor performance management in more detail and why it’s key to evaluate performance.
By Hilary Jewhurst at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm - 3:00pm ET
Agenda
Agenda