- Banking & Financial Services
- BANKING & FINANCIAL SERVICES
- Banks and Credit Unions
- Financial Services and Trading
- Insurance
- Accounting and Taxation
- Life Sciences
- Hitech, Aero & Manufacturing
- HITECH, AERO & MANUFACTURING
- Quality & Safety
- Standards and Methodology
- Energy & Utilities
- ENERGY & UTILITIES
- IT Security
- Reliability (NERC / FERC)
- Quality and Safety
- Risk Management
- CPG & Retail
- CPG & RETAIL
- Retail Audit
- Quality & Safety
- Social Compliance
- Healthcare
- Food & Dietary Supplements
- Cross Industry Functions
When organizations outsource critical functions like technology and security solutions, the question on everyone’s mind is: When does our liability for a data breach end, and my vendor’s begin? The answer is not really simple. In most industries, you can contract away a responsibility or task, but not the liability related to compromised data. If your organization was breached today, whose name is going to be in the news? Who are your customers going to call? Who is going to get fined and possibly sued as a result of the breach? The list of questions goes on. At the end of the day, your organization will suffer the negative publicity, the reputation damage, and financial loss of the attack, even if your vendor actually caused your incident. Then there is the other side of the equation – how do you know that your vendor can truly support your organization, perform the tasks you’ve contracted them for, or cover your losses if the breach is their fault?
Vendor risk management and due diligence is something every organization should perform carefully, and there are a number of unique issues when considering the inherent risks associated with outsourced services.
The benefits of outsourcing are attractive for many reasons, but you need to ask yourself: Can you stake your organization’s well-being and financial stability on a vendor? If you answered no, then join us to discover:
- Weighing vendor risk and classifying critical / high risk vendors
- Imperative questions you need to ask your vendors
- Documentation to gather when outsourcing your technology and/or security solutions
- The troubles of relying too heavily on cyber insurance
- The unique ongoing due diligence needs of outsourced technology and/or security solutions
- Critical contract provisions
This course offers a unique opportunity for attendees to develop critical risk management skills to apply immediately upon returning to the office. This is a fast-paced, highly interactive workshop where attendees will develop a risk profile and risk management strategy using one of their own current or future vendors of choice.
In addition to course materials, attendees will receive a sample profile matrix, critical questions to ask your vendors, a sample checklist of minimum documentation requirements and valuable resources.
What to Bring: The speakers encourage you to bring a highlighter, pen, paper for additional notes, and your questions.
Dress Code: Casual. Be comfortable. You might want to bring a sweater if you tend to get cold easily.
Learning Objectives:
- Record unique risks of vendors who support an organizations’ technology and/or security solutions
- List the organization’s unique critical vendors
- Develop a risk profile
- Inventory appropriate risk management strategies
- Assemble a plan for managing vendor risk
Areas Covered:
- Weighing vendor risk and classifying critical / high risk vendors
- Imperative questions you need to ask your vendors
- Documentation to gather when outsourcing your technology and/or security solutions
- The troubles of relying too heavily on cyber insurance
- The unique ongoing due diligence needs of outsourced technology and/or security solutions
- Critical contract provisions
Who will Benefit:
Any individual responsible for managing risk related to outsourcing technology, security, or other services / solutions. Includes, but not limited to:
- Information Security
- Information Technology
- CPAs
- Operations
- Accounts Payable
- Risk Management / Risk Managers
- Business Continuity
- Management
- Registration Process: 8:30 AM – 9:00 AM
- 09:00 am – 09:30 am: Objectives; introductions; formally establish the agenda with attendee input
- 09:30 am – 10:15 am: Vendor Risk
- Types of risks presented by vendors
- Liability
- Identifying and profiling critical vendors
- Critical vendor assessment
- 10:15 am – 10:30 am: Break
- 10:30 am – 11:45 am: Risk Management Strategies
- RFPs
- Initial and ongoing due diligence
- Developing a risk profile
- Questionnaires
- Certification of Compliance
- Evidence and documentation
- Contracts and Service Level Agreements
- 11:45 am – 12:45 pm: Lunch
- 12:45 pm – 02:15 pm: Risk Management Strategies Cont’d
- 02:15 pm – 02:30 pm: Break
- 02:30 pm – 03:30 pm: Strategies Cont’d
- 03:30 pm – 04:00 pm: Q&A and Wrap-up
- 09:00 am – 10:15 am: Risk Management Strategies Cont’d and Group Exercise
- 10:15 am – 10:30 am: Break
- 10:30 am – 11:00 am: Group Exercise Cont’d
- 11:00 am - 11:30 am: Final Q&A, Wrap-up
Rayleen M Pirnie,
CEO, RP Payments Risk Consulting Services LLC
Rayleen is the founder and owner of RP Payments Risk Consulting Services, LLC. based in Missouri. She is a nationally recognized payments risk and fraud expert who offers specialized consulting services, procedural and risk management reviews, and payments education. Rayleen’s specialized skill is delving into the world beyond the payment rules; areas where organizations often find themselves in positions of liability or loss with little to no clear guidance. She is an Accredited ACH Professional (AAP) who has worked with all payment systems for nearly 20 years. Rayleen also holds a Bachelor’s of Science in Criminal Justice Administration.
Rayleen’s educational programs provide real-world, actionable information for financial institutions and businesses on topics ranging from payments risk management to information security. She authors payments risk and fraud blogs geared toward helping organizations recognize threats and protect themselves from loss.
Karen L Garrett,
Partner, Stinson Leonard Street LLP
Karen L Garrett, a frequent speaker, is a partner at Stinson Leonard Street LLP and Co-Chair of Stinson’s Banking and Financial Services division, and Stinson's FinTech practice group. She advises financial services businesses on payments, third party risk management, regulatory and operations matters, product development, compliance, M&A and other legal issues. Karen represents financial companies in connection with licensing applications and enforcement orders. She has provided legal support for cash management services, electronic transfer transactions, online services, mobile banking, prepaid, debit and credit cards and alternative lending and payments products. Karen is a graduate of the Northwestern University School of Law.
Location
San Diego, CA
(Venue to be announced shortly)
August 2-3, 2018
We are pleased to offer several exhibitor, sponsorship and media partnership options designed to maximize your company's exposure and networking opportunities before, during and after the event.
Benefits of becoming a Sponsor/Exhibitor/Media Partner:
- Logo on website, marketing email, branding materials & the registration booth
- Exhibit Space
- Free event pass
- Speaking opportunity
- Social media campaign
For more details and other sponsorship options at this event, please contact Event Manager: customercare@complianceonline.com or call: +1-650-238-9656
Media Partner:
Local Attractions of San Diego, CA
San Diego Cabrillo National Monument
Board a luxurious Think Escape party bus or limo and be whisked away to San Francisco's hottest nightclubs where VIP treatment brings all party bus guests to the front of the line. Board a luxurious Think Escape party bus or limo and be whisked away to San Francisco's hottest nightclubs where VIP treatment brings all party bus guests to the front of the line. Board a luxurious Think Escape party bus or limo and be whisked away to San Francisco's hottest nightclubs where VIP treatment brings all party bus guests to the front of the line.
Sea Creatures at Birch Aquarium
Birch Aquarium is north of San Diego in La Jolla. It's not as big as some of the other aquariums in California or as flashy as the big sea-themed park down the road, but instead just right, filled with interesting exhibits and home to leafy sea dragons like the one above, creatures so improbably they look more like something from a children's book than from the ocean.
Legoland
Legoland theme park takes its inspiration from Lego toys, those cute little bricks that snap together to build all kinds of fun things. It's one of several Legolands worldwide.
San Diego Zoo Safari Park
The San Diego Zoo's sister park offers a different kind of animal experience. Its name (Safari Park) is the clue and it indeed offers a more safari-like experience. Lots of large animals live in the same big, open areas here - predators kept away from prey, but otherwise much as they would in their natural habitat.
Coronado Island
Coronado isn't really an island but a peninsula - a fact that doesn't get in the way of the name most people use for it. Whatever you call it, it's on a slender strip of land between the San Diego Bay and the Pacific Ocean, barely a few blocks wide. What it lacks in size it makes up for in fun, with a beach that's been named among the best in the country, a classic hotel and a compact, lively little downtown. Coronado's laid-back temperament makes a nice break from the busier parts of San Diego across the water.
Balboa Park
Originally built for temporary use during the 1915-16 Panama-California Exposition in San Diego, Balboa Park boasts buildings beautiful enough to be considered attractions in themselves, especially if you're a photographer. They're surrounded by trees, lawns and fountains, but that's only the beginning.
We need below information to serve you better
