DAY ONE
Tuesday, October 4, 2022
SESSION 1
1:00 - 1:55pm ET
New Third-Party Risk Management Lifecycle
We'll briefly introduce the third-party risk management lifecycle and walk through the three main stages - onboarding, ongoing, and offboarding. This will frame the rest of the bootcamp.
By Hilary Jewhurst at Venminder
DAY TWO
DAY THREE
SESSION 2
2:00 - 2:50pm ET
5 MINUTE BREAK
1:55 – 2:00pm ET
Onboarding: Due Diligence
We’ll cover initial due diligence involving what you need to collect and review. We will take a look at vendor vetting and the importance of it and initial due diligence. Next, we will discuss the fundamental concepts of vendor due diligence and walk through some specific examples. We will wrap it up with some tips.
By Hilary Jewhurst at Venminder
2:50 - 3:00pm ET
Q&A
Onboarding: Planning & Risk Assessment
We’ll dig into the first stage of the lifecycle by discussing planning, including identifying your exit strategy upfront, and assessing the risk associated with a potential vendor. We will discuss the different risk handling techniques including mitigation, avoidance, transference, and acceptance.
By Hilary Jewhurst at Venminder
Onboarding: Planning & Risk Assessment
We’ll dig into the first stage of the lifecycle by discussing planning, including identifying your exit strategy upfront, and assessing the risk associated with a potential vendor. We will discuss the different risk handling techniques including mitigation, avoidance, transference, and acceptance.
By Hilary Jewhurst at Venminder
Onboarding: Contracting
We’ll move into contract negotiations for when you’ve selected the vendor with whom you’d like to move forward. There are elements to watch out for before signing that contract. We will discuss who is generally involved, protecting yourself with your contract, and take a look at the key components of SLA’s included in vendor contracts. We will end the day with some best practices.
By Kelly Vick at Venminder
Onboarding: Contracting
We’ll move into contract negotiations for when you’ve selected the vendor with whom you’d like to move forward. There are elements to watch out for before signing that contract. We will discuss who is generally involved, protecting yourself with your contract, and take a look at the key components of SLA’s included in vendor contracts. We will end the day with some best practices.
By Kelly Vick at Venminder
1:55 – 2:00pm ET
DAY ONE
Wednesday, October 5, 2022
SESSION 3
1:00 - 1:55pm ET
Ongoing: SOC Reports
We’ll cover how vendor SOC reports fit into the process. We’ll discuss the different types of SOC reports, when to review them, and what to look out for on an ongoing basis.
By Lisa-Mae Hill at Venminder
DAY TWO
SESSION 4
2:00 - 2:50pm ET
5 MINUTE BREAK
1:55 – 2:00pm ET
Ongoing: Business Continuity Management
We’ll discuss how business continuity, disaster recovery, and pandemic planning come into play along with what procedures your vendor needs to have to handle a business impacting event, how to ensure that they’ve taken precaution, and tested those plans. As we all know, no organization is immune.
By Hershey Long at Venminder
2:50 - 3:00pm ET
Q&A
DAY THREE
5 MINUTE BREAK
1:55 – 2:00pm ET
2:50 - 3:00pm ET
Q&A
DAY ONE
DAY TWO
DAY THREE
Ongoing: Cybersecurity
We’ll take a look at cybersecurity in the process along with what to review on your vendor’s cybersecurity to ensure they can continuously prevent, detect, and respond to cyber issues.
By Lisa-Mae Hill at Venminder
Ongoing: Financial Health
We’ll discuss a vendor’s financials in the process along with what you need to look at on an ongoing basis to make sure your vendor has a strong financial health and what to do if they don’t.
By Ramin Zacharia at Venminder
Ongoing: Cybersecurity
We’ll take a look at cybersecurity in the process along with what to review on your vendor’s cybersecurity to ensure they can continuously prevent, detect, and respond to cyber issues.
By Lisa-Mae Hill at Venminder
Ongoing: Financial Health
We’ll discuss a vendor’s financials in the process along with what you need to look at on an ongoing basis to make sure your vendor has a strong financial health and what to do if they don’t.
By Ramin Zacharia at Venminder
DAY ONE
Thursday, October 6, 2022
SESSION 5
1:00 - 1:55pm ET
Offboarding: Termination & Exit Plan Execution
We’ll dive into the last stage of the lifecycle, namely offboarding. We’ll cover implementing a pre-established exit strategy, what are the key activities to consider, and what stakeholders have a role in them.
By Graig Cameron at Venminder
DAY THREE
SESSION 6
2:00 - 2:50pm ET
5 MINUTE BREAK
1:55 – 2:00pm ET
Governance: Reporting
This session will discuss what reporting you need to be doing, who needs to be involved in reporting, and how it is done. Throughout the entire lifecycle, reporting helps you gauge vendor performance.
By Hilary Jewhurst at Venminder
2:50 - 3:00pm ET
Q&A
DAY TWO
5 MINUTE BREAK
1:55 – 2:00pm ET
2:50 - 3:00pm ET
Q&A
DAY ONE
DAY TWO
DAY THREE
Offboarding: TPRM Closure
We’ll explain what happens after you complete the exit plan, including confirming final termination steps, capturing issues, updating metrics/reporting, as well as suggested recipients.
By Graig Cameron at Venminder
Governance: Preparing for Exams
We’ll discuss how exams are the foundation of the lifecycle. Examiners and auditors are often looking for the same things and we will discuss exactly what they are looking at and what they expect from you and your vendors.
By Hilary Jewhurst at Venminder
Offboarding: TPRM Closure
We’ll explain what happens after you complete the exit plan, including confirming final termination steps, capturing issues, updating metrics/reporting, as well as suggested recipients.
By Graig Cameron at Venminder
Governance: Preparing for Exams
We’ll discuss how exams are the foundation of the lifecycle. Examiners and auditors are often looking for the same things and we will discuss exactly what they are looking at and what they expect from you and your vendors.
By Hilary Jewhurst at Venminder