2 – Monitoring: Risk Management in the Vendor Relationship Lifecycle

This session is the second in a three-part webinar series on risk management through the life cycle of the vendor relationship.

Often organizations conduct due diligence when onboarding a third party (e.g., vendor, supplier, service provider, consultant) yet fail to monitor security throughout the entire life cycle of the relationship. Ongoing monitoring is critical to protect your dynamic organization as there is constant change in regulations, risk, internal business processes, employees, and technology. Likewise, third parties are constantly changing. Are your third parties current with controls and processes? What might have been a good relationship a year or two ago may not be a fit today. 

Businesses also face increased risk as their third-party network grows. Previously, it was predominantly IT vendors that posed an information security risk; however, in today’s interconnected digital economy, even the smart microwave in your breakroom is a potential threat. Join this webinar and learn about the five necessities of ongoing monitoring: 1) ongoing/continuous due diligence, 2) periodic attestations, 3) reputation monitoring, 4) issue reporting and management, and 5) audits and onsite inspections.

Learning Objectives: 

• Identify how to protect your dynamic organization as it undergoes changes in regulations, risk, internal business processes, employees, and technology
• Recognize how today’s interconnected digital economy increases the risk for businesses
• List the five necessities of ongoing monitoring

GRC 20/20 Speaker

GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 30+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

Webinar Sponsor

Since 2005, Quantivate has been helping organizations efficiently manage their governance, risk, and compliance (GRC) initiatives. Quantivate’s scalable technology and service solutions equip organizations of all sizes to make more strategic decisions, improve performance, and reduce costs.