What you can expect

In this workshop, participants will gain a holistic perspective on third-party management, mastering both top-down and bottom-up strategies. We’ll delve into integrating third-party management seamlessly into your business strategy, processes, and operations, ensuring a cohesive approach. You’ll explore diverse third-party management architecture models tailored to your organization’s unique needs, enabling you to make informed decisions. Discover a range of assessment and monitoring techniques designed to safeguard your business effectively. We’ll guide you in developing a structured third-party information architecture that aligns seamlessly with your business operations, enhancing efficiency. Moreover, you’ll learn the art of clear and persuasive communication, essential for gathering attestation and fostering strong partnerships across your entire organization. Join us to empower your business with comprehensive, strategic third-party management skills.

Agenda

1. Third Party Management by Design
2. The Blueprint for Effective Third Party Management
3. From onboarding to offboarding; managing third parties
4. Enabling information and technology management of third party relationships
5. The strategic evolution of TPRM landscape

Objectives:

The objective of this workshop is to leave attendees with the ability to effectively manage due diligence and third-party risk. Participants will gain a deep understanding of the challenges and pitfalls associated with managing third-party risk, achieving success by capitalizing on these relationships while ensuring compliance. The workshop will facilitate ongoing monitoring of third-party partners, helping attendees define a structured third-party management lifecycle for managing and monitoring relationships.

Ownership and accountability for third-party management will be established, ensuring process consistency and effective communication with partners on matters of risk and compliance. Attendees will also learn to track critical workflows and tasks internally and with third-party relationships. Furthermore, the workshop will equip participants with the skills to deliver effective third-party governance and assurance to the board of directors, regulators, and stakeholders. Metrics will be monitored to establish the effectiveness of third-party management, and attendees will become adept at identifying and resolving issues with third parties.

The workshop will also cover mapping third-party relationships to objectives, risks, controls, issues, and other GRC areas.

Detailed Agenda

Part 1: Third Party Management by Design

• Why Third Party Management Matters
• Third Parties in Disarray: how organizations mismanage third parties
• Third Party Exposure: how mismanaged third parties expose the organization to risk
• Current drivers & trends pressuring organizations in third party management
• Different ways organizations approach third party management
• What Effective Third Party Management Achieves: third party management’s role in governance, risk management, and compliance

Part 2: Third Party Governance

• Blueprint for Effective Third Party Management
• Third Party Governance Committee: bringing together the range of third party management roles and responsibilities in the organization
• Third Party Management Charter: defining a structure to govern third party relationships
• How to Develop a Third Party Management Strategic Plan

Part 3: Third Party Management Lifecycle

• Managing Third Parties from Onboard to Offboarding
• Third party identification & onboarding
• Ongoing context monitoring
• Third party communications & attestations
• Third party monitoring & assessment
• Third party forms & approvals
• Third party metrics & reporting
• Third party re-evaluation and offboarding

Part 4: Third Party Management Architecture

• Enabling Information & Technology Management of Third Party Relationships
• Third Party Management Information Architecture: Blueprint for Managing Third Party Content and Related Data
• Types of third party management information and how it integrates into third party processes
• Components and requirements for a third party information architecture
• Third Party Management Technology Architecture: Blueprint for Enabling Third Party Management Processes with Technology
• Kinds of third party management technologies and what best serves the organization
• Capabilities and requirements of third party management platforms
• Third Party Management Business Case: Articulating the Value of Effective Third Party Management
• Defining a business case and value of third party management platforms

GRC 20/20 Analyst will be facilitating this workshop . . .

GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 30+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

About Event Host . . .

SureCloud is a leading provider of cloud based, Integrated GRC (Governance, Risk & Compliance) products and Cybersecurity services, which reinvent the way you manage risk. SureCloud, and our Aurora platform, enable organizations to make better decisions and achieve their desired business outcomes. SureCloud is underpinned by Aurora, a highly configurable no-code platform, which is simple, intuitive, and flexible. Unlike other GRC Platform providers who force organizations to adapt their processes, our solutions are highly configurable. Aurora can be easily customized to fit a wide range of operating models, meaning that our clients get immediate and sustained value from the outset.