top of page
Agenda Header.png

Don't Go Backwards: The Path to More in Evolving VRM

April 10, 2024

4:10 - 5:00 PM

Valley of the Sun E

There’s always more to do in vendor risk management: more data to collect, more assessment requests to send, more follow up. But in response, most of us end up accepting less: less control, less information to drive decisions, and less certainty about risk. It can feel like moving backwards.

Well, you don’t have to cut corners to achieve VRM excellence. In this session, we’ll be sharing the

essential steps every third party risk-management team can take to improve security outcomes, create additional business value in the assessment process, and reduce the time spent conducting assessments.

You’ll learn how to:

  • Build better alignment with key stakeholders in the business

  • Leverage AI to create immediate wins through automation

  • Demonstrate ROI from VRM without additional headcount or long-term costs

John Finizio | VP, Security, Risk & Compliance | Whistic

John, a seasoned professional with 20 years of experience in Security, Audit, Third Party Risk, and Product, serves as VP, Security, Risk and Compliance at Whistic.

In this role, he safeguards Whistic's assets, data, and systems from cybersecurity threats and works to improve the risk and compliance posture at Whistic. As a dedicated thought leader, John contributes to shaping the future of Third Party Risk Management (TPRM) and is currently serving a second term on the Shared Assessments US Steering Committee, bringing a wealth of expertise.

Previously, as Sr. Director of Technical Programs, John collaborated with partners and customers, integrating standards into the product and managing Whistic's Professional Services. His background played a pivotal role in the strategic design of the Whistic platform and helping to build and mature TPRM Programs for Whistic's customers.

With a diverse career, including roles such as Head of Product at TruSight and Executive Director of Supplier Assurance at JPMorgan Chase, John has been instrumental in advancing TPRM practices.

Based in Columbus, Ohio, with his wife and three children, John's enjoys playing or watching golf and if not playing or watching, he enjoys talking about golf. Connect with John to explore his insights on TPRM and cybersecurity.

bottom of page