DAY ONE
Tuesday | April 18, 2023
SESSION 1
1:00pm – 1:50pm ET
Inherent Risk vs Residual Vendor Risk: The Basics of What You Need to Know
While inherent and residual third-party risks are certainly interconnected, they differ in how they are established and applied in your third-party risk management process. Learn how inherent risk differs from residual risk and the role they play when determining acceptable risk levels for your organization.
By Hilary Jewhurst at Venminder
DAY TWO
DAY THREE
SESSION 2
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
Steps and Strategies of Vendor Due Diligence
Due diligence is not a one-and-done process. It should be risk-based, refreshed periodically, and tailored to match the product or service provided by a third party with collection of specific documents. Learn all about vendor due diligence during this session.
By Graig Cameron at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm – 3:00pm ET
Agenda
Agenda
| Day 1
DAY ONE
Wednesday | April 19, 2023
SESSION 3
1:00pm – 1:50pm ET
An Overview of Critical Vendors and Fourth Parties Within Contracts
Vendor contracts work both as a roadmap to guide you through the business relationship and as a safety net. The greater the business risk, the more extensive and well-written the contract will need to be. Learn special considerations to be aware of in contracts to reduce risk and address critical and fourth-party vendors.
By Kelly Vick at Venminder
DAY TWO
DAY THREE
SESSION 4
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
An Understanding of Vendor Data Breaches
It's no secret that data breaches have been on the rise. Hackers don't discriminate when looking for an asset to attack. This session covers what a vendor data breach means to you and the next steps and best practices to implement to handle the breach so that it limits the impact to you and your customers.
By Lisa-Mae Hill at Venminder
Mitigating Supply Chain Risks Through Business Continuity and Third-Party Risk Management
Today's business environment presents organizations with a variety of supply chain risks. Organizations must take steps to ensure that their vendors have business continuity plans in place to protect the supply chain from disruptions. In this session, we will discuss how vendor business continuity planning can help you manage supply chain risks.
By Lisa-Mae Hill at Venminder
Vendor SOC Reports & CUECs: What to Know
Your organization is responsible for reviewing and implementing applicable vendor controls, playing an active part in supporting the operating effectiveness of your vendor. Without implementing a SOC report’s complementary user entity controls (CUECs), the service organization’s/vendor’s controls will not operate as intended, thus potentially producing material weaknesses. This session will discuss vendor SOC reporting and the role CUECs have.
By Lisa-Mae Hill at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm – 3:00pm ET
Agenda
Agenda
DAY ONE
Thursday | April 20, 2023
SESSION 5
1:00pm – 1:50pm ET
Interagency Guidance on Third-Party Relationships: Risk Management and the Impact on Your TPRM Program
The Federal Reserve Board, Federal Deposit Insurance Corporation, and Office of the Comptroller of the Currency Interagency Guidance became effective in June 2023. Organizations must comply immediately. We’ll briefly walk you through the new guidance, why it matters to all industries, and suggested actions to ensure your program complies.
By Hilary Jewhurst at Venminder
DAY TWO
DAY THREE
SESSION 6
2:00 - 2:50pm ET
10-MINUTE BREAK
1:50pm-2:00pm ET
Program Metrics and Reporting in Third-Party Risk Management
When you consider the number of vendor risks to identify, assess, and manage throughout the third-party risk management lifecycle, it becomes increasingly clear that reporting is an essential part of a third-party risk management program. Understanding when and whom to report to can be challenging with so many vendors. Learn how reporting data can be used to confirm an organization’s compliance and make decisions regarding the third-party risk management program.
By Jill Sherman at Venminder
Vendor Financial Health in Today’s Business Climate
You must actively monitor your vendor’s financial health to manage the financial risk each third party poses to your organization. Assessing your vendor’s financial health can determine whether a vendor has the financial viability to provide the product or service they’re contracted, making financial health a critical part of an effective third-party risk management program. This session covers financial health in today’s business climate.
By Ramin Zacharia at Venminder
The Importance of Vendor Performance Management
Neglecting vendor performance opens the door to regulatory non-compliance, financial loss, and reputational damage, especially for critical and high-risk vendor relationships. Vendor performance management is an essential risk management tool. This session covers vendor performance management in more detail and why it’s key to evaluate performance.
By Hilary Jewhurst at Venminder
2:00pm – 2:50pm ET
Q&A
2:50pm - 3:00pm ET
Agenda
Agenda