The final class registration day will be closed on August 25th, 2022 at 9 pm. No exceptions are made.
Discounted member rates apply to any chapter member in the world.
Note: Due to COVID-19 This event will be online only
" Please register for this class using the private email address (Gmail,
yahoo, AOL, Hotmail address) and not your organization's email address.
Many organizations block emails with attachments and block Webex
links"
Dates and Times: All times are New York time (Eastern Standard Time). Please click here to hear the time and date in your location. Sunday, August 28th, 2022 9:00 AM - 5 PM EST Prerequisite: Some experience in IT controls or audit or security or risk management professionals. Instructor: Jay Ranade, CISA, CISM, CRISC, CGEIT, CIA, CRMA, CISSP, ISSAP, CBCP, CDPSE, HCISPP
Prerequisites: Some background in risk management
What Problem Does This Training Help Solve?
Helps you manage third party risks originating from organizational policies and regulatory requirements
Training Delivery Method: online, instructor-led course or hybrid
Who Should Attend?
Three types of audience: 1. those who implement controls to manage TP risks 1. Compliance who ensure that controls are effective and KRIs are defined and monitored 3. Assurance area (Internal audit) who test controls to give assurance to the organizational governance
Course Material: Content-rich manual/course handouts consisting of about 200+ slides
Syllabus:
1. What is Third Party risk
2. 4-elements: RA, due diligence, contracting, and oversight
3. Management and monitoring of TPRM risk
4. TPRM Framework
5. VRM and TPRM governance and policy
6. Types of vendor and thrid party risks
7. Risk and Control assessment
8. Monitoring variations of risks and controls- KRIs, KCIs
9. Vendor supply chain risk and controls
10. Scenario analysis for vendor risks
11. Vendor contracts and SLAs management
12. Communicating vendor and third party risk
13. IT-related vendor risks (supplier and services)
14. Security - Data CIA
15. Encryption
16. Access controls
17. Vendor ERP controls
18. Trans-border transmission of privacy-related information
19. Regulatory Compliance – GLBA, PCI DSS, SOX, Dodd-Frank
20. SOC 2 reviews (SSAE 16 and ISAE 3402)
21. Responsibility and accountability
22. Awareness and training for vendor and third party interfacing employees
Course Material: Content-rich manual/course handouts from Jay Ranade.
CPE Credits: 7 Capacity: webinar - 15 people
Onsite Location: N/A
Live broadcast webinar location: Anywhere in the world
Refund Policy: 80% refund on or before July 28th, 2022.
A refund must be requested in writing and will not be accepted after the said date, and after the class materials has been send by either the committee or the instructor.
Very Important:
· Anyone who fails to make a payment online will not be considered an attendee
- CPE credits can be applied toward each ISACA designation that is held.
- Webinar sessions are not being recorded - it's a live broadcast.
- You cannot switch between onsite and online sessions once on-site is decided.
- Webinar access instructions are provided prior to the first day of class.
- For webinar attendees, you can also test if you are able to connect to the gotowebinar website by following the instructions here: http://bit.ly/1JvcdSy