Course description
This Rcademy course aims to give a complete overview of third-party vendor risk management (TPVRM) from the scope definition through the robust framework to the daily activities of the process of TPVRM. The TPVRM course at Rcademy will focus on cloud technologies, supply chain risk, and emerging rules on the TPVRM life cycle. In addition, there has been detailed growth of the best practice methods to incorporate new principles and higher resiliency in the company. Using interactive group works, the participants will illustrate the correct control and monitoring assessment, execute procurement techniques, and know the importance of documentation to improve third-party vendor risk management.
What are the six risks in managing the third party?
Financial risk, operational risk, strategic risk, cybersecurity risk, reputational risk, and compliance risk.
How to assess the third-party risk?
A person can identify the third-party threat by knowing the potential dangers posed by third-party associations. Secondly, classify the vendors. Thirdly, review service level agreements (SLAs). Fourth, assess the risk for personal vendors. Fifth, question the vendors. Sixth is auditing specific vendors. Lastly, do continuous monitoring.
The Third Party Vendor Risk Management Certification Training Course by Rcademy incorporates a worldwide best practices framework. It draws from top expertise and experience and uses real-life examples in its teaching.
Upcoming start dates
Suitability - Who should attend?
The objectives of the Third Party Vendor Risk Management Certification Training Course by Rcademy are to enable professionals to:
- Understanding the third-party vendor risk framework overview
- Learning the issues and pitfalls of the control of third-party risks
- Determining the relationship between the risk vendor management and supply chain management and the different types of threats such as compliance, cyber, crime, financial, and business disruption
- Learning the third-party controls and risks-process needs, methods, and tools
- Understanding the information on TPVRM
- Determining the TPVRM opportunities and risks
- Learning the third-party risk vendors‘ control, such as risk response options, resilience, strategic risk management, operating techniques, and reporting and monitoring
Training Course Content
Module 1: Defining Third-Party Vendor Risk Management
- Illustrating the scope of third-party vendor risk management
- Classifying of third parties
- How third parties get covered
Module 2: Understanding and Identifying the Dangers Associated with Third Parties
- Recognizing the goals affected by third parties
- Direct risks to your company
- Defining the types of effects from the third-party risks
- Indirectly treats within your third parties
- Implementation of risk bow tie evaluation to understand and control the treats
- Creating a taxonomy of the third-party risks
Module 3: Compliance Requirements
- Knowing the critical compliance needs of the third-party vendor risk management, such as
– Modern slavery
– Outsourcing
– Data and privacy protection
– Corruption and anti-bribery
– Due diligence - Factoring compliance and compliance control into your process of the TPVRM
Module 4: A Third-Party Vendor Risk Management Framework
- Should match with ISO 31000
- Mapping the eight aspects of ISO 31000 to your third-party vendor risk management activity
– Risk analysis
– Risk treatment
– Consult and communicate. Consider negative language
– Context, scope, and criteria
– Risk evaluation reporting and recording
– Review and monitoring - Mapping a third-party vendor risk management
Module 5: The Steps of Mapping the Third-Party Vendor Risk Management
- Initial tiering and screening
- Selection of third party and process
- Approval and decision process
- Ongoing maintenance and monitoring
- Onboarding, such as contractual needs
- Offboarding
- Incident control: failure and non-performance
- Linkage to various risk types and processes
– Linkage to operational resilience
– Link to internal basic types such as fraud, cyber, technology, and data
Module 6: Ongoing Maintenance and Monitoring
- Ongoing compliance
- Due diligence updates
- Continuous control, such as training of the third party
- Contract assessment or ongoing SLA
- Treatment and escalation
- Risk monitoring and metrics, internal and external information, and alerts
- Analytics and Reporting
Module 7: Initial Tiering, Screening, and Due Diligence
- Sourcing the data: internal or the use of the third-party bureaus
- Essential factors to focus on in the initial screen, such as financial security and data security
- Tiering methodology to know the importance of third parties
- The responsibility and link to risk appetite
- Determining the due diligence extent
- Performing due diligence
Module 8: Roles, Governance, Responsibilities, and Accountability
- The roles of each person
– Procurement
– Overall ownership
– The business
– Risk management - Ensuring responsibility, clear ownership, and accountability for total activity
- The responsibility of the three lines
- Developing the correct culture for control of third-party risk management
Module 9: Complete Risk Control of the Third Parties
- Holding your enterprise risk management (ERM) framework
– Control assessment and assurance
– Risk assessment
– Key risk indicators and metrics
– Actions and issues control
– Incident management
– Compliance management - Integrating your third-party vendor risk management in the whole ERM framework
- Third-party vendor risk management reporting
Course delivery details
The third-party vendor risk management program at Rcademy uses learning methods driven by the right studying goals supported by significant objectives and curriculum. The student’s understanding will be assessed through quizzes, experimental studying, assignments, final exams, and company group development strategy audits. There are in-depth instructions for all the activities in the program at Rcademy. Note that the success of the studying partition process relies on your role in reading the assigned resources, such as text chapters and other instructional resources given during the course. The final exam will allow the participants at Rcademy the chance to show the things they learned beyond this course to their major. The instructor will monitor all learning activities to help ensure that they meet the intended learning goals.
This Rcademy training course will assist you in learning about the topics covered in the course outline using proven adult studying materials and facilitation methods. The seminar techniques include role play, case study, and group discussions evaluating and analyzing the primary challenges facing third-party vendor risk control.
The TPVRM course is specially structured to ensure that it gives participants skills and knowledge for professional growth.
Request info
Rcademy
Rcademy is a global training and consultation organisation set out to bridge the gap between you now and what you can be in the near future. We are facilitators of knowledge impartation. Our team of established and experienced training enthusiasts...