Recorded: April 23 | 2020 Attend
Companies work with third-party vendors to help them become leaner, more agile, flexible, and efficient, so they can go to market faster and beat the competition. However, onboarding remains the most time consuming and pressurized part of the process, as security leaders try to balance meeting the demands with the business with the fundamentals of good security. According to Gartner it now takes an average of 90 days to onboard a new vendor, 20 days longer than four years ago.
Furthermore, the recent large scale shift to work from home in response to COVID-19 has accelerated the adoption of new vendors as companies try to enable a newly remote workforce, adding even more pressure on third-party risk managers to onboard and operationalize third-parties faster than ever. Join BitSight’s Evan Tegethoff, Will Ricciardi, and Andrew Calo to learn how third-party risk managers can create faster, less costly and more scalable onboarding processes that enable the business to grow faster and become adaptive to a changing environment, including how to:
- Reduce time and cost to onboard new vendors
- Scale your program more efficiently
- Use tiering to prioritize your assessment process
- Use an adaptive process to monitor your vendors
NASBA CPE Information
Register for this session via the console below. In order to be awarded the full credits, you must be respond to three out of the four polling questions asked during the program, and attend the session for a minimum of 45 minutes.
Qualifying participants will earn 1.0 CPE credit
Field of Study: Information Technology
Prerequisites: Basic knowledge of internet security issues within enterprise and the financial industry.
Who Should Attend: This session is suitable for executives, managers and key staff in all GRC and Information Security roles (including risk, audit, compliance, ethics, legal, performance, IT, Data Security, Cyber Security etc…). Members of technology providers and professional service firms will also benefit from understanding the issues and approaches covered on this session.
Program Level: Overview
Delivery Method: Group Internet Based. This is a group live event for NASBA authorized continuing education credit. Qualifying attendees will receive a certificate of completion of this event indicating 1 hour of CPE.
Executive IT Forums, Inc, is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.
Will Ricciardi, Sr. Manager, Customer Success BitSight Technologies. Will currently works as a trusted advisor to enterprise clients and high profile Federal Government accounts to help them operationalize BitSight into their vendor risk management programs as well as ensure they are receiving maximum value out of our solution. Prior to BitSight, he was in the application & network performance monitoring industry for 6 years.
Andrew Calo is the Manager of Technology Risk at BitSight Technologies. He has over 20 years of experience in information technology and security with a current focus on third party risk management. Previous to his role at BitSight, he worked for both public and private software companies, as well as multiple institutions of higher learning; where he built and maintained information security programs of various size and complexity.
Evan Tegethoff is VP, Consulting Engineering at BitSight Technologies. He previously held leadership roles in Risk and Compliance Practice Management at Optiv, Accuvant and Forsythe Technologies.Prior to BitSight, he developed Third Party Risk approaches for numerous large organizations. Additionally, he led consulting teams focused on third party risk assessment, compliance and risk management. He holds the CISSP certification and was previously an ISO 27001 Assessor and PCI QSA.