With many organizations pushing outsourcing to its limits, regulators and standards bodies (e.g., MAS, OCC, BaFin, FCA, FedRAMP, BITS, NERC, NEI, ISO, PCI Security Council, AICPA, and Cloud Security Alliance) are increasingly putting an emphasis on having a strong and effective supplier risk management framework. Systems and process failures by third parties can have catastrophic reputational and operational consequences for an organization. It is crucial not only to have effective procedures for managing vendors and the risk they may expose you to, but also to safeguard your organization from third-party related control failures. As a result, organizations need to continuously monitor and manage vendor risks (operational, reputational, cyber / cloud) downstream in the supply chain. Assessing just your top 25 critical vendors is no longer sufficient.
What regulators are requiring in vendor governance, what is driving their actions, and what the future holds;
How a top 10 global bank designed a vendor risk management framework and supporting operations / technology capabilities to support tens of thousands of risk owners and hundreds of thousands of supplier services in an increasingly regulated environment;
How to implement a highly scalable, end-to-end vendor risk management framework that covers parallel workflows of onboarding of new vendors renewing vendor contracts, as well as and taking real-time business feeds (e.g., payment, reputational ) and business performance into account;
Best practices around vendor risk management.
Did you ever count the number of vendors your organization uses to run your business operations? Even mid-sized companies easily exceed one hundred third-party vendors, including technology vendors, electricity, hosting, facilities, payment, and collection services providers. As a result, it is not surprising that when it comes to vendor risk assessments, most organizations focus only on a small subset, typically based on contract size. This practice is clearly outdated, considering the fact that cyber criminals are using the supply chain to access data from large, well-protected global organizations they wouldn't otherwise be able to compromise.
With their supply chain being targeted by cyber-attacks and advanced persistent threats, organizations face increased operational, compliance, reputation, strategic, and credit risks when engaging in third-party relationships. These risks are being compounded by the growing volume, diversity, and complexity of these outsourcing arrangements. On top of that, regulators have turned a keen eye to this development, enforcing stricter guidelines on how an organization must manage their third-party suppliers by requiring extending their practice of conducting regular risk assessments to include all of their suppliers, and - if possible - even supplier's suppliers.
The threat of data breaches, public scrutiny, and regulatory fines have put vendor risk management in the spotlight. Without proper oversight, and a framework to systemically capture, assess, and mitigate third-party supplier risks, your organization can be exposed.
Attending this webinar will enable you to:
Understand what is driving regulation in this area and what you can expect to see in the future;
Determine which areas you need to improve in order to lower risk factors with current vendors and during the selection process of new vendors;
Benchmark your vendor risk management programs against those of the industry's leading financial institutions;
Discover how to leverage best practice and hear the newest trends and strategies in vendor risk management and strategic outsourcing.
Attendees are sure to come away with the latest tools and techniques for improving the management of vendor risk in their organization.
Premium Members Only
OnDemand access to this webinar is restricted to Premium Members.
Kevin is responsible for applying best practices in managing vendor risk and strategic outsourcing, operational execution of vendor risk management framework implementations, and overall client success in collaboration with technical alliance partners such as Accenture, PwC, and Deloitte. Kevin has worked within the enterprise software industry for over 20 years and in his current role advises global (financial) organizations on best practice methodology for vendor and operational risk management. Prior to joining Agiliance, he held executive level positions in product management and sales in the computer software industry.
Head, Vendor Risk and Control, Global Financial Institution
Nate has more than 13 years of global procurement, strategic sourcing, audit coordination, vendor risk management, and global logistics experience. He is a frequent speaker on optimizing outsourcing, controls, compliance, and vendor risk management strategies worldwide and regularly provides commentary and byline articles for media outlets. Nate started his career as a management consultant and since has held executive level positions in the computer software and financial services industry.