top of page
Agenda Header.png

Don’t Recreate the TPRM Wheel: Foster Standardization of Operations to Combat Outsourcer Assessment Fatigue (OAF)

April 11, 2024

10:00 - 10:50 AM


Outsourcer assessment fatigue (OAF) is real. It has widespread effects on not just the outsourcer’s TPRM professionals, but the outsourcer’s internal staff along with the staff at your third party vendors. One way to combat OAF is to foster standardized methods such as the establishment of an effective vendor risk package, strategy, and playbook. In this session, I will provide guidance on how to create such a package, and discuss tools and tactics to gain acceptance from not only internal stakeholders, but from your vendors as well.

Tom Garrubba | Independent Consultant

Tom Garrubba is an internationally recognized thought leader, lecturer, commentator and blogger with more than 20 years’ experience in cyber, privacy, audit, compliance, and consulting. He’s provided thought leadership to industries and organizations of all sizes via such outlets as Forbes, The Washington Times, Bloomberg, SC Magazine, Corporate Compliance Insights,, CIO Magazine, Government Health IT, Future of Outsourcing Magazine, and ISACA. He’s authored the chapter on Third Party Risk for the book “Cyber Risk” and has been featured on numerous podcasts including Business Security Weekly and the Virtual CISO Podcast. He hosts “TPRM Tidbits”, a weekly LinkedIn podcast focusing on current TPRM topics, and is an instructor for the CTPRP and CTPRA certifications. Previously, Tom held the roles of SME and VP/CISO at Shared Assessments and Senior Privacy Manager at a CVS Health where he implemented and managed their world-class third party risk program.

bottom of page