Procurement Versus the CISO: Balancing Third-Party Risk Program Priorities
Today’s Third-Party Risk Management programs need to support requirements from the Chief Procurement Officer and the Chief Information Security Officer. Both individuals and their teams need to understand the risk that comes from vendors and their services, but for very different reasons.
Presented in partnership with Shared Assessments, learn how to balance your Third-Party Risk Management processes to support both procurement and information security priorities. Our team of experts will discuss how to implement an integrated approach that ties pre-contract due diligence with ongoing monitoring activities to create a mature, cross-functional program.
Attendees will learn how to:
- Identify risk domains important to each functional group and incorporate into due diligence activities
- Reduce onboarding cycle and improve assessment of vendor performance
- Establish and track the maturity of programs while gaining understanding of day to day activities of TPRM
- Integrate subject-matter experts into TPRM processes to improve assessment quality
- Map vendor risk to internal risk and compliance frameworks
Two business functions with different charters and goals - join us for practical advice on how to bridge the gap with your Third-Party Risk program.