Monday,April 8Workshops7:00 am – 8:00 amBreakfast and Opening of Registration8:00 am – 5:00 pmOptimizing Your Third Party Risk Management Program Pre-Summit Workshop
You have a third party risk management program but you’re not so sure as to how to optimize it. You are being asked by your Board of Directors and C-level management “How are we doing compared to (fill in company)?” With so much focus on the various challenges of third party risk assessment like assessments, continuous monitoring, partnering with organizations both internal and external, many organizations miss the critical process steps that must be in place for a successful and sustainable Third Party Risk Management Program (TPRMP).
This workshop will cover the key elements of maintaining a sustainable and focused enterprise Third Party Risk Management Program, and provide more meaningful insight into how good a job organizations are doing in evaluating their own third party risk management processes. This will be done by previewing and discussion some of the results of the recently released 2018 Vendor Risk Management Maturity Study with this group. We will address such topics as: Policy, Process and Practices; Inventory, Contracts; Risk Tiering and Assessments; Ongoing Oversight and Monitoring; Technology Platforms; Regulatory Considerations; Issue tracking and Remediation; and Enterprise Program Metrics. Participants will engage in enhancing sustainable programs in response to different industry considerations and sharing solutions. This workshop will be useful to all TPR professionals regardless of industry vertical or regulatory requirements for a specific business.
CPE CREDITS: 8 CPE credits can be earned for completion of this Workshop.
Tuesday,April 9Workshops7:00 am – 8:00 amBreakfast and Opening of Registration8:00 am – 12:00 pmToolkit Training: SIG Optimization Workshop
Attendees will demonstrate they have mastered all aspects of utilizing the Shared Assessments Program Standardized Information Gathering (SIG) questionnaire, including the creation and use of a Master SIG; the scoping of a vendor assessment; utilization of the SIG Management Tool (SMT) and all its functionality. Additionally, attendees will demonstrate an understanding of utilizing documented best practices upon receiving a completed SIG and supporting artifacts within the due diligence processes of a third party risk governance program. Attendees will receive a Shared Assessments Program Toolkit Training Course Completion Certificate for the 2019 Tool Release.8:00 am – 12:00 pmData Management and Third Party Risk Pre-Summit Workshop
Good data management and hygiene are essential components of organizational performance, but the trend toward more outsourcing in today’s environment complicates a set of already challenging set of administration requirements. Customer data, sensitive proprietary organizational data, financial data and the data we use to manage third party risk all demand an increased level of practice maturity as the risk and regulatory environments evolve. This workshop will focus on new and emerging best practices for data access, data governance, data integration, data integrity, data confidentiality, data aggregation, data preparation, and data security. It will consider challenges associated with the increased use of external data in managing third party risk programs through continuous monitoring activities which often generate significant quantities of data. Upon analysis, only a subset of this data may be material and actionable in identifying potential risks. Join your colleagues for an important discussion of data management challenges and solutions.1:00 pm – 5:00 pmToolkit Training: SCA Implementation Workshop
Attendees will demonstrate a thorough understanding of the Shared Assessments Program Standardized Control Assessment (SCA) procedures risk control framework, sampling parameters and testing procedures. They will also have demonstrated the ability to use the SCA as a self-assessment tool to evaluate their own company’s risk control environment. Synergies between SIG scoping and SCA testing will be shared. Attendees will receive a Shared Assessments Program Toolkit Training Course Completion Certificate for the 2019 Tool Release.1:00 pm – 5:00 pmCybersecurity and Continuous Monitoring Workshop
This session will share best practices in the continuous third party risk monitoring ecosystem. Continuous monitoring, an uninterrupted, real-time (or near real-time) risk management technique, is designed to improve an organization’s awareness of changes to controls that could indicate potential weaknesses. The session will focus on expectations, techniques and solutions being used to continuously monitor controls in cybersecurity, cyber hygiene, financial viability, negative news, geopolitical events and resiliency risk areas.
CPE CREDITS: 4 CPE credits can be earned for completion of each of the 1/2 day Workshops.
Wednesday,April 10Summit7:30 am – 8:30 amBreakfast and Opening of Registration8:30 am – 9:00 amWelcome and Opening Remarks
Catherine A. Allen, Chairman and CEO, The Santa Fe Group9:00 am – 9:30 amKeynote Speaker: Perspective From a CISO Pioneer on Information Security Practices
Steven Katz, Owner, Security Risk Solutions, LLC9:30 am – 10:15 amWhat CISO’s are Facing Today and in the Future10:15 am – 10:45 amExhibitor Networking Break10:45 am – 11:30 amManaging a New Area of Risk: Convergence of Operation Technology (OT) & Information Technology (IT)11:30 am – 12:00 pmSponsored Case Study12:00 pm – 12:45 pmLuncheon Buffet12:45 pm – 1:15 pmGlobal Risk: A CEO’s Perspective1:15 pm – 2:00 pmReputational Risk and Crisis Communications in Third Party Risk2:00 pm – 2:30 pmKeynote Speaker: Innovation in Regulation
Jing de Jong Chen, Partner and General Manager of Global Cybersecurity Strategy
Microsoft Corporation2:30 pm – 3:15 pmRegulatory Panel Cybersecurity and Data Protection3:15 pm – 3:45 pmExhibitor Networking Break3:15 am – 3:45 amSolutions Showcases (1 of 2)3:15 pm – 3:45 pmSolutions Showcases (2 of 2)3:45 pm – 4:30 pmAI, Robotics and Machine Learning: Impact on Third Party Risk4:30 pm – 5:15 pmFintech Discussion5:15 pm – 6:45 pmNetworking Reception
Thursday,April 11Summit7:30 am – 8:30 amBreakfast Buffet and Opening of Registration8:30 am – 9:00 amKeynote Speaker: Disruptive Risk
James Lam, President
James Lam & Associates9:00 am – 9:45 amRisk Framework and Risk Appetite9:45 am – 10:30 amShared Assessments Program Update10:30 am – 11:00 amExhibitor Networking Break11:00 am – 11:45 amThird Party Risk Research Update11:45 am – 12:15 pmSponsored Case Study12:15 pm – 1:00 pmLuncheon Buffet1:00 pm – 1:30 amKeynote Speaker1:30 pm – 2:15 pmIn Boards We Trust: Examines How Boards are Looking at Risk2:15 pm – 2:45 pmExhibitor Networking Break2:15 pm – 2:45 pmSolutions Showcases (1 of 2 Showcases)2:15 pm – 2:45 pmSolutions Showcases (2 of 2 Showcases)2:45 pm – 3:45 pmGlobal Issues in Third Party Risk Management3:45 pm – 4:15 pmClosing Remarks4:15 pm – 6:15 pmClosing Reception
CPE Credits: 15.5 CPE Credits can be obtained by completion of the two day Summit
Friday,April 12Certification7:30 am – 8:00 amBreakfast and Opening of Registration8:00 pm – 6:00 pmCTPRP Workshop & Exam
The Certified Third Party Risk Professional (CTPRP) designation from the Shared Assessments Program validates that expertise, providing professional credibility, recognition and marketability. This workshop will examine best practice management of the vendor lifecycle, vendor risk identification and rating as well as knowledge of the fundamentals of vendor risk assessment, monitoring and management.8:00 am – 6:00 pmCTPRA Workshop & Exam
The Certified Third Party Risk Assessor (CTPRA) designation from the Shared Assessments Program validates knowledge within specific IT risk control domains that an individual will need in order to perform a thorough IT risk evaluation of a third party during an assessment.
CPE CREDITS: CPE Credits will be granted as follows:
7 CPE Credits* will be offered for completion of the the Shared Assessments CTPRP workshop.
10 CPE Credits* will be offered for completion of the the Shared Assessments CTPRA workshop. A sign-in sheet will be provided at each registration table. Please note that you must sign in each day to receive the credits.
*In accordance with the standards of the National Registry of CPE sponsors, credits are based on a 50-minute hour.