This briefing is part 2 of our “Third Party Risk Management” series based on the findings of a cross-sector task force of CISOs who developed a framework with supporting tools designed to be a powerful resource to build, manage, and scale a third-party risk management program.
The foundation of this framework is a 6-phase third-party risk management program lifecycle. Each phase is critical to a successful third-party risk management program:
1. Supplier Identification
2. Supplier Classification
3. Supplier Assessment
4. Supplier Management
5. Supplier Monitoring
6. Supplier Relationship Termination
Sheldon Cuffie, CISO, American Family Insurance
Tom Scurrah, VP, Cybersecurity Programs & Content, Cybersecurity Collaborative
Andy Fiumefreddo, Enterprise IT Third Party Cyber Risk, American Family Insurance
Who Can Attend:
Open to anyone. Particularly aimed toward CISOs, Directors, Managers, and Risk Managers.