ISO in the Sun: Third Party Supplier and Vendor Risk Management
Description
This five-day course provides an overview of the principles of third-party supplier and vendor security risk assessment and management, and of how to implement the respective function in an organisation.
Overview
This five day course enables participants to develop the necessary expertise to support organisations implementing and effectively managing third-party supplier and vendor risk.
Hardly a day goes by without hearing about yet another organisation's data being compromised after hackers gained access to it through a third-party supplier or vendor. Each incident highlights that, in addition to in-house information security, organisations now also need to ensure that their third-party suppliers' and vendors' (cyber) security standards meet or exceed their own.
The course consists of a mix of presentation, discussion and real-life case studies.
Outline
Introduction to Outsourcing Essentials
- Fundamentals of effective Outsourcing
- Understanding the Organisation
- Clarifying Outsourcing Objectives
- Analysis of existing Outsourcing
Planning the Implementation of Outsourcing
- Risk Management Framework
- Third-Party Supplier and Vendor Risk Governance
- Outsourcing Policy
- Business Continuity
- Internal Audit
- Communication, Training and Awareness, Documentation
Implementation of Outsourcing Process Activities
- Pre-outsourcing Analysis
- The Outsourcing Contractual Phase
- Information System and Data Security
- Access, Information and Audit Rights
- Due Diligence and Risk Assessment of Outsourcing Arrangement
- Oversight of the Outsourcing Arrangement and Exit strategy
Monitoring and Control of Outsourcing Arrangements
- Inventory and Risk-based Segmentation of Service Providers
- Establishment of Management Control Groups
- Periodic Reviews, Reporting Policies and Procedures
- Performing Information Security Control Assessments
Cloud Outsourcing
- Essentials on Outsourcing to Cloud Service Providers
Objectives
Completion of this course will enable students to
- Understand best practice for establishing, implementing, operating, monitoring, reviewing, maintaining and improving third party supplier and vendor security controls to protect outsourced information assets
- Gain a comprehensive understanding of the concepts and approaches of effective risk-based outsourcing
- Manage a team implementing outsourcing
- Gain knowledge and skills required to advise organisations on how to implement effective risk-based outsourcing
Audience
This course is aimed at students with (future) roles like
- Project managers, consultants and team members implementing third-party supplier and vendor risk management
- CxO and senior managers
- Procurement Professionals / Auditors requiring third party supplier and vendor risk management insight
Prerequisites
General understanding of common business processes.
Some past exposure to risk management and/or management systems is helpful, but not required.
Examination and Certification
The course ends with a three hour written essay-style exam in English on the last day.
This course has been designed by SoftQualM and partners, who also mark the exam and issue the Cyber Security Professional certification in accordance with ISO/IEC 17024:2012.
Exam and first year certification fees are included in the course fees.
Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations. As conformity with the respective ISO standards increasingly becomes a requirement to do business, management and their staff wonder how to get there.
ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain. This is the ideal opportunity to combine your continuing professional education with a break in the sun, and even save compared to attending similar courses in the typical metropolitan settings. Students come from all kinds of industries and sizes of organisation, from freelance consultants and auditors to EU institutions.