Interop ITX 2017 Schedule Viewer

Herding Vendors: Implementing Third Party Risk Programs

Interop ITX 2017 Schedule Viewer

Use this interactive agenda to get an overview of our ever-growing conference program and to sort sessions by pass type, track, day/time, and speaker. Many more sessions will be added in the weeks to come.

All SessionsSpeakersMy Schedule
View Sessions As:
  • Herding Vendors: Implementing Third Party Risk Programs

    • Peter Gregory  |  Executive Director - Advisory, Optiv Security
    Location:  TBD
    Format: Conference Session
    Track: Security
    Pass Type: All Access, Conference - Get your pass now!
    Vault Recording: TBD

    The structure of most organizations' information processing involves large numbers of third party organizations that have access to organizations' most critical and sensitive data. Even modest sized organizations have hundreds of third parties. Without mature structure for effective management of third parties, organizations fail to uncover and manage risks they would find unacceptable had they been known. This session discusses program structure for managing third party risk, including the concept of risk tiering, based on various criteria, with corresponding levels and types of due diligence activities, including short and long questionnaires, requests for evidence, on-site visits, assessments by expert security firms, and intrusive monitoring.