Loading Events

« All Events

  • This event has passed.

London Workshop: Third-Party Risk Management by Design

2023-12-06 @ 9:30 am 4:30 pm London

What you can expect

In this workshop, participants will gain a holistic perspective on third-party management, mastering both top-down and bottom-up strategies. We’ll delve into integrating third-party management seamlessly into your business strategy, processes, and operations, ensuring a cohesive approach. You’ll explore diverse third-party management architecture models tailored to your organization’s unique needs, enabling you to make informed decisions. Discover a range of assessment and monitoring techniques designed to safeguard your business effectively. We’ll guide you in developing a structured third-party information architecture that aligns seamlessly with your business operations, enhancing efficiency. Moreover, you’ll learn the art of clear and persuasive communication, essential for gathering attestation and fostering strong partnerships across your entire organization. Join us to empower your business with comprehensive, strategic third-party management skills.


  1. Third Party Management by Design
  2. The Blueprint for Effective Third Party Management
  3. From onboarding to offboarding; managing third parties
  4. Enabling information and technology management of third party relationships
  5. The strategic evolution of TPRM landscape


The objective of this workshop is to leave attendees with the ability to effectively manage due diligence and third-party risk. Participants will gain a deep understanding of the challenges and pitfalls associated with managing third-party risk, achieving success by capitalizing on these relationships while ensuring compliance. The workshop will facilitate ongoing monitoring of third-party partners, helping attendees define a structured third-party management lifecycle for managing and monitoring relationships.

Ownership and accountability for third-party management will be established, ensuring process consistency and effective communication with partners on matters of risk and compliance. Attendees will also learn to track critical workflows and tasks internally and with third-party relationships. Furthermore, the workshop will equip participants with the skills to deliver effective third-party governance and assurance to the board of directors, regulators, and stakeholders. Metrics will be monitored to establish the effectiveness of third-party management, and attendees will become adept at identifying and resolving issues with third parties.

The workshop will also cover mapping third-party relationships to objectives, risks, controls, issues, and other GRC areas.

Detailed Agenda

Part 1: Third Party Management by Design
  • Why Third Party Management Matters
  • Third Parties in Disarray: how organizations mismanage third parties
  • Third Party Exposure: how mismanaged third parties expose the organization to risk
  • Current drivers & trends pressuring organizations in third party management
  • Different ways organizations approach third party management
  • What Effective Third Party Management Achieves: third party management’s role in governance, risk management, and compliance

Part 2: Third Party Governance
  • Blueprint for Effective Third Party Management
  • Third Party Governance Committee: bringing together the range of third party management roles and responsibilities in the organization
  • Third Party Management Charter: defining a structure to govern third party relationships
  • How to Develop a Third Party Management Strategic Plan

Part 3: Third Party Management Lifecycle
  • Managing Third Parties from Onboard to Offboarding
  • Third party identification & onboarding
  • Ongoing context monitoring
  • Third party communications & attestations
  • Third party monitoring & assessment
  • Third party forms & approvals
  • Third party metrics & reporting
  • Third party re-evaluation and offboarding

Part 4: Third Party Management Architecture
  • Enabling Information & Technology Management of Third Party Relationships
  • Third Party Management Information Architecture: Blueprint for Managing Third Party Content and Related Data
  • Types of third party management information and how it integrates into third party processes
  • Components and requirements for a third party information architecture
  • Third Party Management Technology Architecture: Blueprint for Enabling Third Party Management Processes with Technology
  • Kinds of third party management technologies and what best serves the organization
  • Capabilities and requirements of third party management platforms
  • Third Party Management Business Case: Articulating the Value of Effective Third Party Management
  • Defining a business case and value of third party management platforms

GRC 20/20 Analyst will be facilitating this workshop . . .

Michael Rasmussen

GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 30+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

Ethixbase360 delivers market-leading technology to help companies identify, manage, and mitigate risks in their third-party network. The Ethixbase360 platform was designed to automate the identification of relevant risk indicators, provide insights from the data collected, and then create a positive impact for both its clients and their third parties with monitoring and training. Ethixbase360 acquired Tcompliance, formerly known as TRACE Inc., in 2022 expanding its suite of risk-based due diligence solutions to offer a unique collaborative approach that reduces screening costs for companies. Combined, the two companies have conducted over 600,000 due diligence reviews in every non-sanctioned country and monitor more than 2 million third parties daily. Ethixbase360’s solutions are aligned with the 10 principles of the United Nations Global Compact, the world’s leading corporate sustainability framework.

Leave a Reply

Your email address will not be published. Required fields are marked *