Maturity of Vendor Risk Management Event 2017

Maturity of Vendor Risk Management Event 2017

Protiviti’s research team has completed its fourth annual third party risk management study with the Shared Assessments Program. This study is based on the Program’s comprehensive Vendor Risk Management Maturity Model (VRMMM), and examines practice maturity in eight key risk management categories: Governance; Policies/ Standards/Procedures; Contracts; Vendor Risk Identification/Analysis; Skills/Expertise; Communications/Information Sharing; Tools, Measurement/Analysis; and Monitoring/Review.

In this session, we will share:

  • Where risk management is improving and where progress has slowed.
  • Changes in program maturity in eight key program areas and by industry.
  • The relationship between board engagement and risk management practice maturity.
  • How and why organizations are reducing the risks associated with outsourcing.

Event Details

Date: Thursday, November 30, 2017


  • 10 a.m. PT
  • 11 a.m. MT
  • 12 p.m. CT
  • 1 p.m. ET

Duration: 60 mins


IT Security & Privacy Management
Paul Kooney is a Director in Protiviti’s IT Security & Data Privacy practice, with extensive knowledge and experience in developing information security programs, performing compliance assessments, developing vendor risk management programs, and providing information security assessment services. In his over twenty years in the information technology and information security fields, Paul has managed and delivered security services for client organizations in the financial, healthcare, manufacturing, retail, entertainment, energy, transportation, and other industries to assess information security needs and implement solutions.
Senior Advisor,
The Santa Fe Group
For more than four decades, Gary Roboff, Senior Advisor, The Santa Fe Group, has contributed his outstanding talents to the field of financial services planning and management, including 25 years at JP Morgan Chase where he retired as Senior Vice President of Electronic Commerce. Gary has worked extensively in electronic payments, payments fraud, third part risk management, privacy and information utilization, as well as business frameworks and standards for electronic commerce applications.

CPE Credit Offered: 1




30 Nov 2017
01:00 PM EST
United States
Event Role
Thursday, November 30, 2017 - 1:00pm