December 2020 ISACA Puget Sound Chapter Meeting

When: Dec 16, 2020 from 12:00 to 13:00 (PT)
Associated with Puget Sound Chapter

Using COBIT and NIST to Govern and Manage Your Third Party Risks

There is no such thing as an enterprise that functions without suppliers, and there is no such thing as an enterprise that doesn’t assess risk. The difference between a successful organization and one that is not is how they govern and manage risk, and in today’s environment, suppliers are a key aspect of any risk profile. There are countless standards, documents, bodies of knowledge and methods in our industry that have their own twist on handling 3rd party risk, but many don’t realize that there are two frameworks that provide actionable information on these risks: COBIT and the NIST Cybersecurity Framework (CSF). During this presentation we will explore the dynamic world of managing risk, in particular managing 3rd party risk, using COBIT and NIST as frameworks to integrate the multitude of standards and frameworks out there, and dive deep into practices and activities that should be core ingredients of your risk process.

Objectives:

  1. Understand the application of COBIT and NIST risk practices and activities and how they are being used today with respect to 3rd parties.
  2. Select and prioritize scenarios to create a risk register that can be used in multiple enterprise environments.
  3. Link the vendor risk process to industry standards and frameworks to create appropriate and applicable controls.
  4. Recognize good practices to mitigate 3rd party risk.

Presenter Bio:
Mark Thomas CGEIT, CRISC, CDPSE; IT GRC and Digital Transformation Expert

Mark is an internationally known Governance, Risk and Compliance expert specializing in information assurance, IT risk, IT strategy, service management and digital transformation. Mark has a wide array of industry experience including government, health care, finance/banking, manufacturing, and technology services. He has held roles spanning from CIO to IT consulting and is considered a thought leader in frameworks such as COBIT, NIST, ITIL and multiple ISO standards.

Location: Virtual Meeting

Pricing: Members - Free; Non-members - $20

Instructional delivery method: Online

CPE credit(s): 1 hour

Refund Policy: Refunds up to 1 day before event