What you can expect

In this workshop, participants will gain a holistic perspective on third-party management, mastering both top-down and bottom-up strategies. We’ll delve into integrating third-party management seamlessly into your business strategy, processes, and operations, ensuring a cohesive approach. You’ll explore diverse third-party management architecture models tailored to your organization’s unique needs, enabling you to make informed decisions. Discover a range of assessment and monitoring techniques designed to safeguard your business effectively. We’ll guide you in developing a structured third-party information architecture that aligns seamlessly with your business operations, enhancing efficiency. Moreover, you’ll learn the art of clear and persuasive communication, essential for gathering attestation and fostering strong partnerships across your entire organization. Join us to empower your business with comprehensive, strategic third-party management skills.

Agenda

1. Third Party Management by Design
2. The Blueprint for Effective Third Party Management
3. From onboarding to offboarding; managing third parties
4. Enabling information and technology management of third party relationships
5. The strategic evolution of TPRM landscape

Objectives:

The objective of this workshop is to leave attendees with the ability to effectively manage due diligence and third-party risk. Participants will gain a deep understanding of the challenges and pitfalls associated with managing third-party risk, achieving success by capitalizing on these relationships while ensuring compliance. The workshop will facilitate ongoing monitoring of third-party partners, helping attendees define a structured third-party management lifecycle for managing and monitoring relationships.

Ownership and accountability for third-party management will be established, ensuring process consistency and effective communication with partners on matters of risk and compliance. Attendees will also learn to track critical workflows and tasks internally and with third-party relationships. Furthermore, the workshop will equip participants with the skills to deliver effective third-party governance and assurance to the board of directors, regulators, and stakeholders. Metrics will be monitored to establish the effectiveness of third-party management, and attendees will become adept at identifying and resolving issues with third parties.

The workshop will also cover mapping third-party relationships to objectives, risks, controls, issues, and other GRC areas.

Detailed Agenda

Part 1: Third Party Management by Design

• Why Third Party Management Matters
• Third Parties in Disarray: how organizations mismanage third parties
• Third Party Exposure: how mismanaged third parties expose the organization to risk
• Current drivers & trends pressuring organizations in third party management
• Different ways organizations approach third party management
• What Effective Third Party Management Achieves: third party management’s role in governance, risk management, and compliance

Part 2: Third Party Governance

• Blueprint for Effective Third Party Management
• Third Party Governance Committee: bringing together the range of third party management roles and responsibilities in the organization
• Third Party Management Charter: defining a structure to govern third party relationships
• How to Develop a Third Party Management Strategic Plan

Part 3: Third Party Management Lifecycle

• Managing Third Parties from Onboard to Offboarding
• Third party identification & onboarding
• Ongoing context monitoring
• Third party communications & attestations
• Third party monitoring & assessment
• Third party forms & approvals
• Third party metrics & reporting
• Third party re-evaluation and offboarding

Part 4: Third Party Management Architecture

• Enabling Information & Technology Management of Third Party Relationships
• Third Party Management Information Architecture: Blueprint for Managing Third Party Content and Related Data
• Types of third party management information and how it integrates into third party processes
• Components and requirements for a third party information architecture
• Third Party Management Technology Architecture: Blueprint for Enabling Third Party Management Processes with Technology
• Kinds of third party management technologies and what best serves the organization
• Capabilities and requirements of third party management platforms
• Third Party Management Business Case: Articulating the Value of Effective Third Party Management
• Defining a business case and value of third party management platforms

GRC 20/20 Analyst will be facilitating this workshop . . .

Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on enterprise GRC strategy and processes supported by robust information and technology architectures.  With 30+ years of experience, Michael helps organizations improve GRC strategy and processes supported by the correct GRC technology architecture. This enables organizations to align GRC with the business and deliver effective, efficient, resilient, and agile capabilities to the organization.  He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — the first to define and model the GRC market in February 2002 while at Forrester.

About Event Host . . .

Aravo delivers the market’s smartest third-party risk and resilience solutions, powered by intelligent automation. For more than 20 years now, Aravo’s combination of award-winning technology and unrivaled domain expertise has helped the world’s most respected brands accelerate and optimize their third-party management programs, delivering better business outcomes faster and ensuring the agility to adapt as programs evolve. With solutions built on technology designed for usability, agility, and scale, even the most complex organizations can keep pace with the high velocity of regulatory change. As a centralized system of record for all data related to third-party risk, Aravo helps organizations achieve a complete view of their third-party ecosystem throughout the lifecycle of the relationship, from intake through off-boarding and all stages in between and across all risk domains. Aravo is trusted by the world’s leading brands, helping them manage their risk and improve the performance of more than 6 million third parties, suppliers and vendors across the globe.