PrivSec Focus - Third Party Risk

 

Headline Sponsor

ProcessUnity Logo

 

 

AGENDA

 

26 April 2022

A global Livestream Experience

 

CATCH-UP & WATCH ON-DEMAND

Agenda

PrivSec Focus: Third-Party Risk

BST Tuesday 26th April 2022
09:55

Opening Remarks
09:55 AM - 10:00 AM

Speakers
10:00

Ongoing Vendor Monitoring: Aiming for Total Transparency
10:00 AM - 10:50 AM

Third-party vendors and service providers are often very responsive to initial requests for details about their practices. But once the contract is signed, information can be less forthcoming.

Yet ongoing vendor monitoring is a crucial part of third-party risk management. Changes in vendors’ practices or supply chains can expose your business to unexpected risk.

PrivSec Third-Party Risk will explore how to effectively monitor your third-party relationships on an ongoing basis and achieve near-total third-party transparency.

Speakers
10:15
10:30
10:50
11:00

Can You Rely On Third-Party Risk Assessment Questionnaires?
11:00 AM - 11:50 AM

Questionnaires are an important part of third-party due diligence programmes.

But by relying on questionnaires, businesses entering into third-party relationships assume their service providers will respond with transparency and accuracy.

PrivSec Third-Party Risk will consider whether the risk assessment questionnaire is a sufficiently robust mechanism for lowering risk exposure, and explore how businesses can obtain comprehensive and meaningful responses.

Speaker

  • Onur Korucu, M.Sc, LL.M, Sr. GRC, Data Protection, Cyber Security Manager, Avanade
  • Guilherme Campion Tovar, CIPP/E, Data Privacy Specialist, Mercado Libre
  • Prof. Hernan Huwyler, MBA CPA Sr. Lead IT Controls and Risk at Danske Bank and Compliance Masters Director at IE Law School
11:15
11:30
11:50
12:00

Third-Party Risk Masterclass: How to Calculate Inherent Risk
12:00 PM - 12:30 PM

When building an efficient vendor risk management program, it is critical to prioritize which vendors present the most risk. Knowledge of your third parties’ inherent risks can help increase security and performance and change the way you run your vendor risk management program. In addition, by understanding where to prioritize your time, you can invest resources in assessing and monitoring the third parties that matter most to your business.

In this webinar, you’ll learn how to: Develop inherent risk calculations and a scoring methodology, Tier your third parties by criticality and high risk, Scope and schedule vendor assessments based on inherent risk scores

Speakers
12:15
12:30
12:40

Maintaining an Ethical Supply Chain
12:40 - 13:30 PM

Along with security and legal concerns, ethical considerations are an increasingly crucial component of third-party risk management.

By ensuring third parties engage in fair and lawful employment practices to avoid environmentally harmful manufacturers, companies are not only doing what’s right—they are reducing risk and enhancing their reputation.

PrivSec Third-Party Risk will explore the ethical dimension of supply chain management—and consider how to make sure your third-party service providers live up to your values.

Speakers
12:55
13:10
13:20
13:30

Preventing Supply Chain Attacks: Best Practice
13:30 - 14:20 PM

Solarwinds and Kaseya showed the world how dangerous supply chain attacks can get—when one actor in the supply chain becomes compromised, the effects can be devastating to hundreds of organisations downstream.

PrivSec Third-Party Risk will explore the ongoing threat of supply chain attacks and provide actionable advice on reducing your risk exposure.

Host

  • Cat Coode, Data Privacy Consultant, Fractional Data Privacy Officer, Binary Tattoo

Speaker

  • Anu Kukar, Associate Partner, Cybersecurity cloud, strategy & risk IBM A/NZ; Director, Arascina® – Cyber for non-techies; Switch2Cyber – global campaign
  • Marco Túlio Moraes, CISO, Oiti
  • Vincent D'Angelo, Global Director, Strategic Alliances, Partnerships & Corporate Strategy, CSC Digital Brand Services
  • Patricia Punder, Governance, Compliance, Data Privacy and ESG International Expert, Punder Consulting Office, Punder Advogados
13:45
14:00
14:20
14:30

Fast, smart and connected: a renewed approach to third-party risk management
14:30 - 15:00

With COVID-19 still with us, Brexit still affecting EU-UK trade and the ongoing Ukraine-Russia conflict, volatility within European supply chains is quickly becoming the norm. This is the opportune time for procurement leaders to embed agility into third-party risk management and supplier resilience.

In this webinar, Anna Mazzone, EMEA VP & Head of Risk & ESG at ServiceNow discusses options for modifying the process to deliver a more efficient risk assessment process, and share some examples of successful risk and resilience programmes being run by organisations.

Speakers

  • Anna Mazzone, EMEA Vice President & Head of Risk Business at ServiceNow
14:45
15:00
15:10

Third-Party Due Diligence: How Deep Should You Dig?
15:10 - 15:50

Conducting due diligence on prospective third-party providers is a vital part of ensuring compliance and lowering risk exposure.

The due diligence process can be resource-intensive, but getting this crucial part of third-party risk management wrong can be disastrous for your business and its stakeholders.

PrivSec Third-Party Risk will explore best-practice tips to help systematise and prioritise your company’s third-party due diligence process.

Speakers
15:30
15:45
16:00

Closing Remarks
16:00 - 16:05

More information to follow

Speakers
16:05