ISO in the Sun: Third Party Supplier and Vendor Risk Management

Trainer: Martin Holzke


Description


This five-day course provides an overview of the principles of third-party supplier and vendor security risk assessment and management, and of how to implement the respective function in an organisation.

Overview

This five-day course enables participants to develop the necessary expertise to support organisations in implementing and effectively managing third-party supplier and vendor risk.

Hardly a day goes by without hearing about yet another organisation's data being compromised after hackers gained access to it through a third-party supplier or vendor. Each incident highlights that, in addition to in-house information security, organisations now also need to ensure that their third-party suppliers' and vendors' (cyber) security standards meet or exceed their own.

The course consists of a mix of presentation and discussion, drawing on real-life case studies.

Outline

Introduction to Outsourcing Essentials

  • Fundamentals of effective Outsourcing
  • Understanding the Organisation
  • Clarifying Outsourcing Objectives
  • Analysis of existing Outsourcing

Planning the Implementation of Outsourcing

  • Risk Management Framework
  • Third-Party Supplier and Vendor Risk Governance
  • Outsourcing Policy
  • Business Continuity
  • Internal Audit
  • Communication, Training and Awareness, Documentation

Implementation of Outsourcing Process Activities

  • Pre-outsourcing Analysis
  • The Outsourcing Contractual Phase
  • Information System and Data Security
  • Access, Information and Audit Rights
  • Due Diligence and Risk Assessment of Outsourcing Arrangement
  • Oversight of the Outsourcing Arrangement and Exit strategy

Monitoring and Control of Outsourcing Arrangements

  • Inventory and Risk-based Segmentation of Service Providers
  • Establishment of Management Control Groups
  • Periodic Reviews, Reporting Policies and Procedures
  • Performing Information Security Control Assessments

Cloud Outsourcing

  • Essentials on Outsourcing to Cloud Service Providers

Objectives

Completion of this course will enable students to

  • Understand best practice for establishing, implementing, operating, monitoring, reviewing, maintaining and improving third party supplier and vendor security controls to protect outsourced information assets
  • Gain a comprehensive understanding of the concepts and approaches of effective risk-based outsourcing
  • Manage a team implementing outsourcing
  • Gain knowledge and skills required to advise organisations on how to implement effective risk-based outsourcing

Audience

This course is aimed at students with (future) roles like

  • Project managers, consultants and team members implementing third-party supplier and vendor risk management
  • CxO and senior managers
  • Procurement Professionals / Auditors requiring third party supplier and vendor risk management insight

Prerequisites

General understanding of common business processes.

Some past exposure to risk management and/or management systems is helpful, but not required.

Examination and Certification

The course ends with a three-hour written essay-style exam in English on the last day.

This course has been designed by SoftQualM and partners, who also mark the exam and issue the Cyber Security Professional certification in accordance with ISO/IEC 17024:2012.

Exam and first year certification fees are included in the course fees.

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions. 
