- Banking & Financial Services
- BANKING & FINANCIAL SERVICES
- Banks and Credit Unions
- Financial Services and Trading
- Insurance
- Accounting and Taxation
- Life Sciences
- Hitech, Aero & Manufacturing
- HITECH, AERO & MANUFACTURING
- Quality & Safety
- Standards and Methodology
- Energy & Utilities
- ENERGY & UTILITIES
- IT Security
- Reliability (NERC / FERC)
- Quality and Safety
- Risk Management
- CPG & Retail
- CPG & RETAIL
- Retail Audit
- Quality & Safety
- Social Compliance
- Healthcare
- Food & Dietary Supplements
- Cross Industry Functions
When organizations outsource critical functions like technology and security solutions, the question on everyone’s mind is: When does our liability for a data breach end, and my vendor’s begin? The answer is not really simple. In most industries, you can contract away a responsibility or task, but not the liability related to compromised data. If your organization was breached today, whose name is going to be in the news? Who are your customers going to call? Who is going to get fined and possibly sued as a result of the breach? The list of questions goes on. At the end of the day, your organization will suffer the negative publicity, the reputation damage, and financial loss of the attack, even if your vendor actually caused your incident. Then there is the other side of the equation – how do you know that your vendor can truly support your organization, perform the tasks you’ve contracted them for, or cover your losses if the breach is their fault?
Vendor risk management and due diligence is something every organization should perform carefully, and there are a number of unique issues when considering the inherent risks associated with outsourced services.
The benefits of outsourcing are attractive for many reasons, but you need to ask yourself: Can you stake your organization’s well-being and financial stability on a vendor? If you answered no, then join us to discover:
- Weighing vendor risk and classifying critical / high risk vendors
- Imperative questions you need to ask your vendors
- Documentation to gather when outsourcing your technology and/or security solutions
- The troubles of relying too heavily on cyber insurance
- The unique ongoing due diligence needs of outsourced technology and/or security solutions
- Critical contract provisions
This course offers a unique opportunity for attendees to develop critical risk management skills to apply immediately upon returning to the office. This is a fast-paced, highly interactive workshop where attendees will develop a risk profile and risk management strategy using one of their own current or future vendors of choice.
In addition to course materials, attendees will receive a sample profile matrix, critical questions to ask your vendors, a sample checklist of minimum documentation requirements and valuable resources.
What to Bring: The speakers encourage you to bring a highlighter, pen, paper for additional notes, and your questions.
Dress Code: Casual. Be comfortable. You might want to bring a sweater if you tend to get cold easily.
Learning Objectives:
- Record unique risks of vendors who support an organizations’ technology and/or security solutions
- List the organization’s unique critical vendors
- Develop a risk profile
- Inventory appropriate risk management strategies
- Assemble a plan for managing vendor risk
Areas Covered:
- Weighing vendor risk and classifying critical / high risk vendors
- Imperative questions you need to ask your vendors
- Documentation to gather when outsourcing your technology and/or security solutions
- The troubles of relying too heavily on cyber insurance
- The unique ongoing due diligence needs of outsourced technology and/or security solutions
- Critical contract provisions
Who will Benefit:
Any individual responsible for managing risk related to outsourcing technology, security, or other services / solutions. Includes, but not limited to:
- Information Security
- Information Technology
- CPAs
- Operations
- Accounts Payable
- Risk Management / Risk Managers
- Business Continuity
- Management
- Registration Process: 8:30 AM – 9:00 AM
- 09:00 am – 09:30 am: Objectives; introductions; formally establish the agenda with attendee input
- 09:30 am – 10:15 am: Vendor Risk
- Types of risks presented by vendors
- Liability
- Identifying and profiling critical vendors
- Critical vendor assessment
- 10:15 am – 10:30 am: Break
- 10:30 am – 11:45 am: Risk Management Strategies
- RFPs
- Initial and ongoing due diligence
- Developing a risk profile
- Questionnaires
- Certification of Compliance
- Evidence and documentation
- Contracts and Service Level Agreements
- 11:45 am – 12:45 pm: Lunch
- 12:45 pm – 02:15 pm: Risk Management Strategies Cont’d
- 02:15 pm – 02:30 pm: Break
- 02:30 pm – 03:30 pm: Strategies Cont’d
- 03:30 pm – 04:00 pm: Q&A and Wrap-up
- 09:00 am – 10:15 am: Risk Management Strategies Cont’d and Group Exercise
- 10:15 am – 10:30 am: Break
- 10:30 am – 11:00 am: Group Exercise Cont’d
- 11:00 am - 11:30 am: Final Q&A, Wrap-up
Rayleen M Pirnie,
CEO, RP Payments Risk Consulting Services LLC
Rayleen is the founder and owner of RP Payments Risk Consulting Services, LLC. based in Missouri. She is a nationally recognized payments risk and fraud expert who offers specialized consulting services, procedural and risk management reviews, and payments education. Rayleen’s specialized skill is delving into the world beyond the payment rules; areas where organizations often find themselves in positions of liability or loss with little to no clear guidance. She is an Accredited ACH Professional (AAP) who has worked with all payment systems for nearly 20 years. Rayleen also holds a Bachelor’s of Science in Criminal Justice Administration.
Rayleen’s educational programs provide real-world, actionable information for financial institutions and businesses on topics ranging from payments risk management to information security. She authors payments risk and fraud blogs geared toward helping organizations recognize threats and protect themselves from loss.
Karen L Garrett,
Partner, Stinson Leonard Street LLP
Karen L Garrett, a frequent speaker, is a partner at Stinson Leonard Street LLP and Co-Chair of Stinson’s Banking and Financial Services division, and Stinson's FinTech practice group. She advises financial services businesses on payments, third party risk management, regulatory and operations matters, product development, compliance, M&A and other legal issues. Karen represents financial companies in connection with licensing applications and enforcement orders. She has provided legal support for cash management services, electronic transfer transactions, online services, mobile banking, prepaid, debit and credit cards and alternative lending and payments products. Karen is a graduate of the Northwestern University School of Law.
Location:
Chicago, IL
(Venue to be announced shortly)
September 13-14, 2018
We are pleased to offer several exhibitor, sponsorship and media partnership options designed to maximize your company's exposure and networking opportunities before, during and after the event.
Benefits of becoming a Sponsor/Exhibitor/Media Partner:
- Logo on website, marketing email, branding materials & the registration booth
- Exhibit Space
- Free event pass
- Speaking opportunity
- Social media campaign
For more details and other sponsorship options at this event, please contact Event Manager: customercare@complianceonline.com or call: +1-650-238-9656
Media Partner:
Local Attractions of Chicago, IL
Windy
One of the more breathtaking scenes on the lake is this tall ship approaching the docks at Navy Pier. The 148-foot four-masted schooner (and its new sister ship, the Windy II ) sets sail for 90-minute cruises two to five times a day, both day and evening. (Because the boats are sometimes booked by groups, the schedule changes each week; call first to confirm sailing times). The boats are at the whims of the wind, so every cruise charts a different course. Passengers are welcome to help raise and trim the sails and occasionally take turns at the ship's helm (with the captain standing close by). The boats are not accessible for people with disabilities.
Adler Planetarium and Astronomy Museum
The building may be historic (it was the first planetarium in the Western Hemisphere), but some of the attractions here will captivate the most jaded video-game addict.
Your first stop should be the modern Sky Pavilion, where the don't-miss experience is the StarRider Theater. Settle down under the massive dome, and you'll take a half-hour interactive virtual-reality trip through the Milky Way and into deep space, featuring a computer-generated 3-D-graphics projection system and controls in the armrest of each seat. Six high-resolution video projectors form a seamless image above your head -- you'll feel as if you're literally floating in space. If you're looking for more entertainment, the Sky Theater shows movies with an astronomical bent; recent shows have included Secrets of Saturn and Mars Now!
Arlington International Racecourse
With its gleaming-white, palatial, six-story grandstand and lush gardens, this racecourse is one of the most beautiful showcases for thoroughbred horse racing in the world. Its storied history stretches back to 1927, and such equine stars as Citation, Secretariat, and Cigar have graced the track. The annual Arlington Million (the sport's first million-dollar race, held in mid-Aug) attracts top jockeys, trainers, and horses and is part of the World Series Racing Championship, which includes the Breeders Cup races. Arlington's race days are thrilling to behold, with all of racing's time-honored pageantry on display -- from the bugler in traditional dress to the parade of jockeys.
Art Institute of Chicago
You can't -- and shouldn't -- miss the Art Institute. (You really have no excuse, since it's conveniently located right on Michigan Ave. in the heart of downtown.) No matter what medium or century interests you, the Art Institute has something in its collection to fit the bill. Japanese ukiyo-e prints, ancient Egyptian bronzes, Greek vases, 19th-century British photography, masterpieces by most of the greatest names in 20th-century sculpture, and modern American textiles are just some of the works on display, but for a general overview of the museum's collection, take the free "Highlights of the Art Institute" tour Saturday and Sunday.
Auditorium Building and Theatre
A truly grand theater with historic-landmark status, the Auditorium gives visitors a taste of late-19th-century Chicago opulence. Because it's still a working theater -- not a museum -- it's not always open to the public during the day; to make sure you'll get in, schedule a guided tour, which are offered on Mondays at 10am and noon.
Designed and built in 1889 by Louis Sullivan and Dankmar Adler, the 4,000-seat Auditorium was a wonder of the world: the heaviest (110,000 tons) and most massive modern edifice on earth, the most fireproof building ever constructed, and the tallest building in Chicago. It was also the first large-scale building to be lit by electricity, and its theater was the first in the country to install air-conditioning. Originally the home of the Chicago Opera Company, Sullivan and Adler's masterpiece is defined by powerful arches lit by thousands of bulbs and features Sullivan's trademark ornamentation -- in this case, elaborate golden stenciling and gold plaster medallions. It's equally renowned for otherworldly acoustics and unobstructed sightlines.
We need below information to serve you better
