How to Ensure Vendor Compliance & The Mitigation of Third Party Risk (May 10, 2019)

When: May 10, 2019 from 08:00 to 17:00 (ET)
Associated with Central Florida Chapter
Doors open at 7:30am

Please join ISACA Central Florida Chapter for 7 CPEs!

Vendor management comprises all of the processes required to manage third-party vendors that deliver services and products to organizations. Significant effort is required from both the institution and the vendor to maximize the benefits received from the service and/or product while simultaneously mitigating associated risks. As the scale, scope, and complexity of these services increase, the related risks and the importance of effective vendor management should increase proportionately. For example, under GDPR, if a data processor does not follow some of the organization's compliance requirements and a data breach occurs, the organization faces the risk of paying severe fines (up to 20M Euros).
From the other perspective, based on various research, 3rd parties seem to be one of the weakest links in a company's security policy. Cyber-related incidents and data breaches occur every day, ranging from serious to sometimes critical, and may have a significant impact on organizations. As a result, organizations have devoted more and more resources to vendor risk management, but it is still a mainly manual process. Despite these facts, most companies know almost nothing about their vendors, even though mitigating the risks coming from vendors seems to be crucial for the majority of organizations.

After completing this session, you will be able to:
• Create vendor risk profiles in your organization.
• Create recommended steps to ensure 3rd party compliance.
• Choose the riskiest vendors for audit (implemented security controls verification).
• Mitigate risks coming from 3rd parties (including data processors).

Presented By: Jan Anisimowicz, PMP, CISM, CRISC
Director Audit, Risk and Compliance at C&F

Experienced senior IT manager with over 20 years of experience in GRC (audit, risk and compliance management), Data warehousing, Business Intelligence, Big Data, and data analysis. Broad business and technical perspective in telco, banking, pharma, and insurance. A staunch supporter of a pragmatic, lean and cost-effective approach to regulatory requirements implemented in the organizations. Active in the space of #FinTech, #InsurTech and #RegTech. Public speaker at international conferences (topics related to IT Security, Risk Management, Compliance, GRC, and data privacy). Involved in the process of analysis and verification of how artificial intelligence could support auditors in the space of IoT, Big Data and dispersed IT environments. A strong supporter of blockchain technology, which in his opinion should be widely used based on Smart Contracts with respect to data privacy principles (Privacy By Design). Member of the blockchain working group under the supervision of the Polish Ministry of Digital Affairs. Active participant of international organizations: ISACA (CISM & CRISC certificates), PMI (PMP certificate) and IIA (Institute of Internal Auditors).

Pricing:
$87.50 for Central Florida ISACA Chapter Members
$125.00 for Non-Central Florida ISACA Chapter Members
$25 for ISACA Student Members

Location

Darden Restaurants
1000 Darden Center Drive
Orlando, FL 32837