Webcast - Accountability in the Ecosystem: Third-Party Risk Management

enterprise resilience webinar series
Webcast - Accountability in the Ecosystem: Third-Party Risk Management

During the pandemic, organisations that are reliant on vendors to perform valuable key functions or supply essential goods are seeing uncertainty and volatility. The “trust-but-verify” model becomes more complex as third parties become unavailable or are out of business. Considering these challenges, how do organisations effectively manage their third-party ecosystem? Is your organisation equipped to answer tough questions about exposing sensitive data to third parties? Has your organisation quantified the overall risk that is associated with third-party access to ‘crown jewel’ data assets and systems?

This webinar will discuss practical ways to tackle these complex and daunting challenges. We will show how organisations big and small have used fundamentals and innovation to triage and prioritise their third-party partners based on risk, and step through several real-life examples demonstrating industry-leading practises.

Following this webinar, you’ll have the necessary tools and knowledge to:

  • Justify executive support in tackling third-party risk at your organisation in spite of COVID-related budget constraints
  • Apply industry-leading methodologies and practises to your organisation based on right-fit and the new post-pandemic economic reality
  • Employ ongoing monitoring practises into your third-party risk program

1 CPE credit available for live attendees only.

No prerequisites required. Level: basic. Field of study: Information Technology. Instruction delivery method: Group Internet Based. Elements of Engagement: Polling Questions.
Protiviti is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. For more information regarding administrative policies, complaints and refunds please contact the Protiviti CPE Administrator at [email protected].

 

Access On-Demand Recording

 

Speakers:

Managing Director, IT Security & Privacy Management
Protiviti
 
Paul Kooney is a Managing Director in Protiviti’s Security and Privacy practise, with extensive knowledge and experience in developing information security programs, performing compliance assessments, developing vendor risk management programs, and providing information security assessment services. Paul leads the Third Party Risk Management (TPRM) solution offering within the Security and Privacy practise. In his over twenty five years of experience, Paul has managed and delivered security services for organisations in the financial, healthcare, manufacturing, retail, entertainment, and transportation industries to assess information security needs and implement solutions. In addition to his lead role in the annual Shared Assessments - Protiviti Vendor Risk Management Benchmark Study, Paul serves on the Shared Assessments Steering Committee, contributes to many Shared Assessments working groups for the development of tools and thought leadership, and has been a long time Shared Assessments proponent.
 
Managing Director, Risk & Compliance
Protiviti
 
Brian is a Managing Director with Protiviti and is part of the Regulatory Risk team located in Tampa, Florida. Brian leads the Third Party Risk Management (TPRM) solution offering within the Risk and Compliance solution in the United States, and coordinates with Protiviti’s Business Performance Improvement and Technology Consulting Practises for our cross-solution TPRM offering. Brian’s experience and expertise focuses on regulatory risk and compliance, third party vendor risk, and operational risk. Prior to joining Protiviti, Brian had worked as an Associate National Bank Examiner with the Office of the Comptroller of the Currency from 2006 - 2010.
 
andrew_dangelo
Senior Manager, Security & Privacy
Protiviti
 
Andrew D’Angelo is a Senior Manager in Protiviti’s New York Data Security and Privacy practise, and a quantitative information security risk professional. He has deep experience leading the design, implementation, oversight and maturity assessment of multiple information security third-party risk management programs. Andrew’s industry experience is broad, including financial services, healthcare, technology and quasi-government organisations.

Andrew holds the Certified Third-Party Risk Professional credential and is a regular participant in multiple Shared Assessments working groups. He has deep experience in operationalising third-party risk best practises.

julia_thompson
Manager
Protiviti
 
Julia Thompson is a Manager in Protiviti’s Security and Privacy practise located in Dallas, with extensive experience in third party risk management, primarily within the financial services and healthcare industries. She has expertise leading the design, implementation and operation of third party risk management programs and security strategy implementations. Julia holds the Certified Third-Party Risk Professional certification, the OneTrust Vendor Management Expert certification, and participates in Shared Assessments working groups.