In a landscape filled with new threats and regulations managing the risks of 3rd party vendors is vitally important. Most financial institutions have tens of thousands of supplier relationships, and many data breaches originate through IT Vendors within the supply chain. Compounding this dilemma, regulators including OIG, OCC, FFIEC and others are increasing their focus on potential 3rd party risks. They want to see organizations proactively identifying potential risks, verifying that business partners providers and their employees are compliant, monitoring for changes that might create new risks or compliance gaps, and managing the investigation and remediation of incidents.
During this webcast our panel will specifically address the practical 'how to's' around identifying and reducing the risks of 3rd party vendors, and we will focus on:
- Typical risks resulting from third party relationships
- Common deficiencies of vendor management practices used during the on-boarding process, and the life of the relationship
- Moving from a reactive to a proactive (preventative) vendor management process
- Real world examples will be used to illustrate the key points and recommendations
Rebecca Herold, CEO, The Privacy Professor® & Co-Founder, SIMBUS360. Rebecca is an information privacy, security and compliance consultant, author and instructor who has provided assistance, advice, services, tools and products to organizations in a wide range of industries during the past two decades. Rebecca is a widely recognized and respected information security, privacy and compliance expert.Rebecca assists organizations of all sizes and industries throughout the world with their information privacy, security and regulatory compliance programs, content development, and strategy development and implementation through a large variety of tools and services. She offers a range of standard and customized one and two-day workshops including one addressing how individuals across disciplines can work together to most effectively assure privacy and regulatory compliance while efficiently implementing security controls. Rebecca has also been an Adjunct Professor for the Norwich University Master of Science in Information Assurance (MSIA) program since 2004.
Neil Hooper, SVP Sales and Business Development at Rsam. As Rsam's Senior Vice President of Sales and Business Development, Neil is responsible for the global sales, channel, and solution consulting organizations. Prior to Rsam, Neil grew successful global programs at companies including SAP, Good Technology, Motorola, and Manugistics. With a proven track record in sales, channel management and consulting has a unique perspective that includes a number of years running global operations while living and working in the UK, Switzerland, Belgium, Canada and in the US including both Silicon Valley and NYC.
Yo Delmar is the vice president of GRC Solutions at MetricStream and is focused on the company's GRC market leadership. She has over 30 years of experience in Information Technology and Management, with a focus on Governance, Risk and Compliance over the past 10 years. Yo is responsible for MetricStream's Customer Program for over 300 companies world-wide and drives MetricStream's GRC Journey Program which provides expertise in helping companies implement strategies and programs for governance, risk and compliance (GRC) solutions that add strategic value while delivering dramatic cost savings. Yo has led start-ups and business units within system integration and outsourcing companies, and provided advisory services to F1000 on the implementation of GRC programs. She holds a B.Sc. (Honors) in Mathematics and Computer Science and an M.B.A. from Dalhousie University in Canada. She is also a Certified Management Consultant (CMC), Certified in Governance of Enterprise IT (CGEIT), and a Certified Information Security Manager (CISM).
Duncan Jones, Vice President, Principal Analyst Serving Sourcing & Vendor Management Professionals, at Forrester. Duncan primarily contributes to Forrester's offerings for Sourcing & Vendor Management Professionals. He is a leading expert on software pricing and licensing and helps clients understand and address the effect of technology changes on software contracts. By researching enterprises' experience in dealing with large software vendors, including their negotiation successes and the problems they encountered later in the relationship, Duncan helps clients create and execute sound negotiation strategies and get advantageous software license and maintenance agreements.