Search Results

Learn more about S&P Global Market Intelligence, a TPRA Partner Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > S&P Global Market Intelligence TPRM Services Partner Member CONTACT INFORMATION Caitlin Bray Senior Marketing Manager caitlin.bray@spglobal.com Luke Nordlie Head of Business Development, S&P Global Supplier Risk Solutions luke.nordlie@spglobal.com Justin Quinn Director, KY3P Sales justin.quinn@spglobal.com (646) 233 - 3883 At S&P Global KY3P®, we understand the importance of reliable, deep, and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. Through our integrated suite of leading solutions for managing end-to-end third-party and vendor risk, KY3P enables customers to streamline due diligence, standardize workflow, and drive organizational transparency. Our powerful solutions endow customers with the tools, insights, and level of support to be able to devote their attention to making high-quality risk management decisions. From onboarding and oversight to due diligence and monitoring, KY3P allows customers to enforce compliance by codifying vendor risk policies and oversight procedures. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES End-to-End Third-Party Risk Management Third-Party Vendor Onboarding & Oversight provides a standardized rules-based workflow to automate third party risk activities across the lifecyle. Third-Party Due Diligence Monitoring enables efficient collection and analysis of due diligence data from third parties. Assessments Services facilitates the efficient exchange of standardized, fully validated risk data between service providers and their customers. Operational clarity for stakeholders driven by a robust workflow engine with a full audit trail. Monitoring Data: Access actionable risk insights and customizable alerts on your third-party portfolio across a range of risk domains. Create and track remediation tickets, expected due dates, plan, priority and evidentiary documents and status. Outreach to third parties in response to specific events (weather, war, terror, cyber, pandemic, and other risk types) to quickly identify and assess the impact of a vulnerability, business continuity event or other significant event. Integrated Tableau provides out-of-the-box interactive reporting dashboards and bespoke reporting capability. Assessment methodology covers 26 diversified control categories across 9 Risk Domains, providing a comprehensive view of your third party’s control environment. RESOURCES FROM THIS VENDOR MEMBER Three Key Elements to Unlock a Seamless, Stress-Free, and Leadership-Worthy Third-Party Risk Management (TPRM) Program VENDOR MEMBER RESOURCE | June 11, 2025 Onsite Assessments: A Historic Tool in Third-Party Risk Management VENDOR MEMBER RESOURCE | June 11, 2025 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next

Learn about Dhriti Gupta, Vendor Manager ( DVMO)- Divisional Vendor Management Officer for Deutsche Bank, and TPRA's WNTPRM December 2024 Leader Spotlight. < See All < Previous Next > Dhriti Gupta Vendor Manager ( DVMO)- Divisional Vendor Management Officer Deutsche Bank Biography With 14 years of experience, I'm a seasoned professional specializing in Risk Management, Third Party Risk Management (TPRM), Vendor Management, Cybersecurity, Procurement, Governance, Contract Management, Banking, Audit, IT Project Delivery Management, Information and Security Risk, and Operational Risk & Resilience. I bring 8 years of specialized expertise in TPRM, vendor management , governance and Operational Risk with deeper knowledge in IT Project Delivery, Cybersecurity, Pentesting, Disaster Recovery, and Business Continuity, driving comprehensive risk oversight and strategic resilience. Leadership Characteristics As a candidate for a leadership role, I bring visionary thinking that will guide our team toward future success, coupled with unwavering integrity that ensures ethical decision-making. My emotional intelligence allows me to connect deeply with each team member, fostering a collaborative and inclusive environment. I am resilient in the face of challenges, adapting swiftly to change, and I make decisive choices that propel us forward. My innovative mindset drives creative solutions to complex problems, and my effective communication skills ensure that ideas are conveyed clearly and persuasively. Above all, I am committed to promoting diversity and inclusivity, ensuring that every voice is heard and valued. Leadership Challenges Balancing work-life demands, securing mentorship, fostering diverse teams are leadership challenges I've tackled. My resilience, strategic vision, and commitment to inclusivity have driven success and inspired others, making me a strong candidate for the Women in Leadership nomination. Key Take-a-ways Third Party Risk Management (TPRM) enhances risk oversight, ensures compliance, and protects against disruptions. By fostering resilience and informed decision-making, TPRM builds trust, strengthens partnerships, and drives sustainable success, providing a critical competitive edge in a dynamic market landscape. Fun Fact I love painting and dancing, expressing creativity through vibrant colors and rhythmic movements. These hobbies fuel my imagination, help me unwind, and bring balance to my life amid the fast-paced world.

FOR IMMEDIATE RELEASE Interos and Aravo Awarded 2025 Excellence Awards by Third Party Risk Association Monday, March 24, 2025 Interos and Aravo Named Third Party Risk Association's (TPRA) 2025 Excellence Award Winners in the Categories of Risk Rating/Risk Intelligence and TPRM Platform ANKENY, IOWA — MARCH 24, 2025 — Last week, the Third Party Risk Association (TPRA) announced their 2025 winners for the Excellence Awards, a sub-category of their Third Party Risk Management (TPRM) Service Provider Innovator Award. “These organizations are constantly pushing boundaries, developing forward-thinking solutions, and streamlining risk management processes,” said Julie Gaiaschi, CEO and Co-founder of TPRA, during the award announcement speech. “They also empower practitioners to think smarter, react faster, and provide efficiencies in assessing, mitigating, and monitoring third party risk.” To celebrate TPRM service providers’ relentless dedication and industry-transforming contributions, TPRA established the Innovator Award in 2022, creating the new Excellence Award sub-categories in 2025. TPRA had a total of 30 nominations for the award this year in the categories of GRC/TPRM Platform, Risk Ratings/Intelligence Tools, and TPRM Services. Seven organizations were chosen as finalists, with two organizations, Aravo and Interos , named as Excellence Award winners in their respective tool categories. Aravo , the TPRM Platform Excellence Award winner, uses their AI engine to collaborate with multiple risk intelligence partners to enable customers to access authorized information as their primary information and assessment vehicle. This “Intelligence First” approach shifts risk assessments away from questionnaires towards real-time intelligence integrations, focusing on actual evidence and reports obtained and comparing it to control frameworks. The Excellence Award winner for Risk Rating/Intelligence, Interos , is redefining supplier resilience through AI-powered, real-time visibility. Their platform allows you to anticipate disruptions, ensuring programs move from reactive to proactive and predictive. For example, they allow you to see the impact of tariffs on global trade and your supply chain. To learn more about this program and its winners, visit https://www.tprassociation.org/innovator-award . ### The Third Party Risk Association was created out of a necessity to build a community of like-minded third party risk professionals to allow for the sharing of best practices, exchanging of ideas, and influencing of an industry. This organization is a 501(c)(6) not-for-profit. MEDIA CONTACT Meghan Schrader Meghan.schrader@tprassociation.org www.tprassociation.org FOR MORE INFORMATION https://www.tprassociation.org/innovator-award Previous Next

Learn about Merav Vered, VP GRC & Strategic Intiatives for Vendict Ltd., and TPRA's WNTPRM October 2023 Leader Spotlight. < See All < Previous Next > Merav Vered VP GRC & Strategic Intiatives Vendict Ltd. Biography Merav has 29 years of professional experience in Cybersecurity, focusing on developing security methodologies, regulation, consulting, and management of information security companies. In her experience, she has accompanied hundreds of organizations in certification audits for compliance with ISO Standards 27001, 27799, 27032, GDPR, and the Israeli Privacy Protection Law. This is both as the actual executor of the preparation and as the manager of the advisory team working in the field. Merav has vast experience in information security strategic consultancy to management in organizations, worldwide. In addition, she managed tech consulting areas, which included penetration tests and risk surveys. Merav's first role in the Information Security field was as Head of TPRM in one of the largest mobile companies in the country. "There were no best practices or methodologies back then, and I practically constructed them from scratch. I'm proud to say that 99% of these have become commonly used global best practices of TPRM." Leadership Characteristics Merav is always willing to listen, open to learning, keen to teach, and hungry to achieve. Leadership Challenges Merav's main leadership challenge was to locate the very precise team members who would strive to develop with similar professional concepts and personal aspirations as herself so that they could create an effective work engine, capable of leaving their mark. Key Take-a-ways "My favorite part of TPRM is the challenging moment in which I see the sudden change of expression in a CEO's eyes, when he/she realizes that TPRM is not a pain for the organization, but rather - a solution." Fun Fact In her spare time, Merav volunteers in various hospitals–in the Emergency Ward and the Children's Wards–where she can provide a mere smile or a comforting shoulder. To her surprise, many times these really make a world of difference to patients in pain, fear, and despair.

DEMO Q3 Demo Day Wednesday, August 19, 2026 Date & Time Wednesday, August 19, 2026 at 2:00:00 PM UTC Intended Audience TPRM Practitioners Duration 6 hours CPE Credits 0 Fee Free Register Event Description The Third Party Risk Association (TPRA) invites you to attend " Demo Days ," an exclusive opportunity for TPRM practitioners to explore innovative solutions from leading TPRM Service Providers. During these interactive sessions, vendors will deliver 25-minute product demos , showcasing their tools, technologies, and services designed to address the complex challenges of third-party risk management. Show More SPEAKER(S) INFORMATION CPE CREDIT To learn about the organizations presenting on this day, please visit our Demo Days page at www.tprassociation.org/demo-days/ . About These Events Join the Third Party Risk Association (TPRA) for "Demo Days," where leading TPRM Service Providers showcase their solutions through 25-minute product demos tailored for TPRM practitioners. Explore cutting-edge tools, engage with vendors, and enhance your risk management strategies. Who Should Attend All TPRM practitioners, including TPRA Practitioner Members and non-members, are invited to these events. Employees of TPRM service provider organizations are not permitted to attend product demos unless they are affiliated with the organization presenting. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

Learn about Hilary Jewhurst, Head of Third-Party Risk Education & Advocacy for Venminder, and TPRA's WNTPRM November 2024 Leader Spotlight. < See All < Previous Next > Hilary Jewhurst Head of Third-Party Risk Education & Advocacy Venminder Biography Hilary leads the advancement and promotion of third-party risk management best practices and solutions through thought leadership, subject matter expertise, and support for Venminder’s customers, Marketing, Sales, and Third-Party Risk divisions. Hilary has served as a senior leader for over 20 years, working in operations management, and risk management roles, with an emphasis on third-party risk. Hilary successfully built, improved, and managed enterprise-wide third-party risk management frameworks and programs for leading financial services companies. She has designed and developed training materials, reference guides, desk-top procedures, job aids, checklists, and templates for a full spectrum of learning environments and learners as well as personally trained hundreds of third-party risk managers, vendor relationship managers, and vendors. Leadership Characteristics "As a naturally curious individual, I constantly seek to expand my knowledge and learn new things. Sometimes, this means saying, "I don't know, let's find out together." Or recognizing that collaborating with others is critical to finding the best solution. I want to lead by example, and by admitting my own limitations, I can create a safe environment where others feel comfortable embracing a mindset of continuous improvement and growth. I also adhere to the principle that is its unnecessary to cling to a mistake just because it’s yours. If something isn't working, don't waste time agonizing; put your energy into fixing it instead." Leadership Challenges "I am a huge fan of simplicity and practicality, anything that is over engineered or needlessly complex frustrates me. Throughout my career, I have frequently been given instructions to implement processes or initiatives that didn't seem to be thoroughly planned out or well considered beforehand. I haven't always found it easy to navigate these situations but learning which battles to fight can be a game-changer. While some may see pushing back as problematic, I've found that sometimes you must trust your instincts and speak up vs. going along to get along. Honestly, it took a fair amount of time and numerous failed attempts before I was able to correctly identify which battles were worth fighting and how to approach them more constructively. This involved adopting a collaborative mindset, respecting the opinions and views of others, and focusing on achieving the best possible outcome, even if that isn't the outcome I most prefer." Key Take-a-ways "Interestingly, the challenges and demands of TPRM can feel painfully familiar to women who have been subjected to traditional gender roles that frequently demand rampant multitasking, a lot of emotional labor, and constantly attending to the needs of others while attempting to balance life's demands. Non-TPRM professionals often find it challenging to comprehend the intricacy of this practice. TPRM professionals are not only expected to be experts in risk management but also excel in process design, project management, relationship management, analysis, and regulatory compliance. And undertake additional other unofficial responsibilities such as being an auditor, facilitator, teacher, coach, and sometimes even a counselor. And as much as I hate gender stereotypes and do my best to avoid perpetuating them, it is a fact that many women, me included, have encountered significant obstacles in the workplace. These challenges often involve being undervalued, overworked, underrepresented, and lacking access to essential resources to perform their jobs effectively. Although TPRM can be a challenging job, as a woman it presented me with the unexpected and somewhat rare opportunity to work with a broad range of stakeholders and demonstrate my diverse skillset every day. There were always problems to solve, which meant there were plenty of opportunities to succeed. And it’s worth noting that the responsibility and accountability that comes with being a TPRM practitioner increased my visibility, often to key decision makers and senior leadership. Considering how difficult it can be for women to succeed in corporate America, if I had understood just how much TPRM would enhance my personal growth, accelerate my career trajectory, and improve my opportunities, I would have pursued the TPRM path much sooner." Fun Fact "I recently moved to a new city and had been looking for new and interesting ways to become involved in my local community. As a history enthusiast who loves spooky stories, I’m delighted that I have been recruited to research, write, and lead a weekly history and ghost tour to raise funds to preserve the town’s historic cemetery."

DEMO Q2 Demo Day Wednesday, May 13, 2026 Date & Time Wednesday, May 13, 2026 at 2:00:00 PM UTC Intended Audience TPRM Practitioners Duration 6 hours CPE Credits 0 Fee Free Register Event Description The Third Party Risk Association (TPRA) invites you to attend " Demo Days ," an exclusive opportunity for TPRM practitioners to explore innovative solutions from leading TPRM Service Providers. During these interactive sessions, vendors will deliver 25-minute product demos , showcasing their tools, technologies, and services designed to address the complex challenges of third-party risk management. Show More SPEAKER(S) INFORMATION CPE CREDIT To learn about the organizations presenting on this day, please visit our Demo Days page at www.tprassociation.org/demo-days/ . About These Events Join the Third Party Risk Association (TPRA) for "Demo Days," where leading TPRM Service Providers showcase their solutions through 25-minute product demos tailored for TPRM practitioners. Explore cutting-edge tools, engage with vendors, and enhance your risk management strategies. Who Should Attend All TPRM practitioners, including TPRA Practitioner Members and non-members, are invited to these events. Employees of TPRM service provider organizations are not permitted to attend product demos unless they are affiliated with the organization presenting. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . No CPE credits are provided for this event type.

LIVE WEBINAR Roundtable: Skills for the Future TPRM Professional Thursday, May 14, 2026 Date & Time Thursday, May 14, 2026 at 3:00:00 PM UTC Intended Audience All TPRM Professionals Duration 1 hr CPE Credits 1 Fee Free Register Event Description Join us on May 14, 2026, from 10 to 11 AM CT for a roundtable exploring the skills TPRM professionals need to succeed in the years ahead. Discussion will cover technical capabilities, cross-functional collaboration, essential soft skills, and how evolving technology is reshaping practitioner roles. Show More SPEAKER(S) INFORMATION CPE CREDIT FACILITATED BY Julie Gaiaschi CEO & Co-Founder | Third Party Risk Association (TPRA) Julie Gaiaschi, CISA, CISM, is the CEO & Co-Founder of the Third Party Risk Association (TPRA). She has over 15 years of technology and information security risk experience, with the last 10 years specializing in third party risk identification and mitigation techniques. In her role as CEO, she provides strategic direction for the non-profit, whose mission it is to further the third party risk profession through knowledge sharing and networking. She also has a passion for helping others enhance their own third party risk management programs. In 2021, Julie was awarded " CEO of the Year " by Women in Governance, Risk, and Compliance. Prior to co-founding the TPRA, Julie consulted on third party risk for a large bank. She also developed and led a large health payer organization’s Third Party Security program. There, she established and executed the third party risk assessment process, which included integration into the Procurement process. Prior to her role as the leader over Third Party Security, Julie was a Senior IT Auditor. Julie resides in Iowa with her husband and two girls. She enjoys traveling and cooking. About These Meetings Monthly Member Meetings are held every second Thursday of the month. Join us for relevant and informative roundtables, panels, and/or presentations on TPRM topics and pain points our members noted within the 2025 end-of-year survey. Who Should Attend All TPRM professionals are invited to these events, including TPRA Practitioner Members, TPRA Vendor Members, and Non-members. Cancellations In the event that this session would need to be canceled, you will be contacted and invited to register for the rescheduled event. Questions & Concerns For more information regarding administrative policies such as complaints, please contact us at info@tprassociation.org . TPRA Members are eligible to receive 0.5 CPE credits for every 30 minutes of the LIVE meeting that they attend. (Ex. Attend for 30 minutes = 0.5 CPE credits. Attend for 1 hour = 1 CPE credits). CPE Credit will be issued upon completion of the post-event survey. Please allow at least one week following the event to receive your CPE certificate.

Learn about Oksana Zbyranyk, Chief Compliance and Delivery Officer for Truvo Cyber, and TPRA's WNTPRM October 2025 Leader Spotlight. < See All < Previous Next > Oksana Zbyranyk Chief Compliance and Delivery Officer Truvo Cyber Biography Oksana is a highly credentialed cybersecurity professional, specializing in compliance and risk management. Her expertise spans leading frameworks such as NIST, SOC 2, ISO 27001, and other, enabling organizations to meet complex compliance requirements and build trust with prospects and customers. A leader in Vendor Risk Management, Oksana successfully developed and implemented a robust Third-Party Risk Management (TPRM) program for the Bank of Canada, ensuring vendor risks were effectively assessed and mitigated. Her in-depth understanding of vendor security frameworks and contractual safeguards has empowered organizations to secure their vendor ecosystems while maintaining regulatory compliance. With her ability to integrate best practices, streamline compliance processes, and develop actionable strategies, Oksana is a trusted advisor for organizations seeking to enhance their security posture and meet compliance objectives. Leadership Characteristics Execution-Driven Leadership (Strengths: Achiever, Responsibility, Discipline): I am highly reliable, goal-oriented, and committed to delivering results. Relationship & Trust-Building Leadership (Strengths: Relator, Trust, Connectedness): As a trusted advisor, I build strong relationships with clients and stakeholders, ensuring compliance is not just a requirement but a value-driven process that fosters trust. This is key in vendor risk management, where collaboration and clear communication are critical. Problem-Solving & Risk Mitigation Leadership (Strengths: Restorative, Responsibility, Deliberative): My focus on risk assessment and mitigation aligns with leaders who analyze risks thoroughly, make careful decisions, and take ownership of challenges. I thrive in environments where critical thinking and sound judgment are essential. Leadership Challenges Getting business buy-in when a vendor’s security posture is weak is a constant challenge because security is rarely the top priority for stakeholders. The business wants the vendor now, procurement is focused on cost, and executives don’t see an immediate risk—until something goes wrong. The pushback is: “Do we really need to delay this over a security concern?” The key is to shift the conversation from abstract risks to real business impact—breach costs, regulatory fines (GDPR), and lost deals with security-conscious customers. A vendor without basic security controls isn't just a compliance issue; it’s a liability waiting to happen. Instead of a hard “no,” I push for risk-based onboarding—tying security improvements to timelines and contracts. Legal and compliance can help enforce this, and external pressure from clients expecting strong security can be a game-changer. At the end of the day, it’s about making security a business decision, not just a checkbox. Key Take-a-ways If there’s one thing I’d tell others in the industry about Third-Party Risk Management (TPRM), it’s that vendor security isn’t just a compliance exercise—it’s a business enabler. Too often, organizations treat TPRM as a checkbox process, but the reality is that a weak vendor can take down your entire business. The best part of TPRM for me is the "negotiation and influence"—turning security from an afterthought into a non-negotiable business priority. Whether it’s getting executives to see the real risk, pushing vendors to meet higher standards, or leveraging security as a competitive edge, TPRM is where cybersecurity meets strategy. Fun Fact I was born in a place where there was only winter. I studied in a place where there was only summer. And I landed in a place with 4 beautiful seasons. Canada is home.

Learn about Women in Tech through videos, articles, interviews, and more! All Categories Previous Category Next Category Technology Filter by Resource Type Blogs & Articles Interviews Research Ted Talk Found 5 Blogs & Articles Why the Gender Wage Gap in IT Matters and What to Do About It MIS Quarterly Executive invited Kristen Lamoreaux and Caren Shiozaki to respond to MISQE’s December 2024 article “Do Women Make Less Than Men in IT? Yes and No!” Lamoreaux is President of Lamoreaux Search, an executive search firm focused on technology leadership. She is also the founder of SIM Women, a national organization that works to boost female representation in IT leadership positions. Shiozaki has held various C-suite roles over the past two decades, including recently serving as an interim CEO overseeing a business restructuring. She has also sat on numerous industry and philanthropic boards. Check It Out Meghan Schrader Monday, December 16, 2024 Interviews "Women in CyberSecurity" by Bitsight Sharing Advice on Finding Success in the Field Check It Out Meghan Schrader Wednesday, April 5, 2023 Ted Talk Small ways women can support each other at work Crystal Martin landed her first job in tech helping women learn code, but there was just one problem, no one would listen to her in meetings. "Why is it that 41% of women leave the tech field within their tenth year? In my opinion, it's because of messages like keep your head down and say nothing." In this energetic talk, Martin pushes for women to advocate for one another in the workplace, stressing that hard work does not speak for itself--you do. Check It Out Meghan Schrader Wednesday, November 15, 2017 Research Do Women Make Less Than Men in IT? Yes and No! According to a report released in 2023 by the United States Government Accountability Office (GAO), there is a significant gender pay gap of 21% among full-time workers in the information technology (IT) sector. We examine the gender pay disparity in the IT sector by analyzing a secondary data set. Our findings suggest that female salaries average $110,496 per year while male salaries average $119,418 per year, constituting an 8% gap. Furthermore, there is a notable disparity in wages between men and women in the age range of 35 to 64. This indicates that women may face unequal opportunities as they progress through their IT careers. Research conducted by leading business publications has highlighted the significant impact of the gender wage gap on job satisfaction and the subsequent increase in the likelihood of women leaving their positions. This concerning trend further exacerbates the already low representation of women in the IT industry. We delve into the implications of our findings for current and future IT leaders and human resources departments. Check It Out Meghan Schrader Tuesday, December 10, 2024 Blogs & Articles Top 10 women to watch in fintech for 2023 As the fintech industry continues to thrive globally, breaking new boundaries and introducing more innovations to the marketplace, women are taking an increasingly central role at the helm of disruptive fintech companies. Check It Out Meghan Schrader Wednesday, March 8, 2023

Learn about Kelsey Theroux, Third Party Risk Analyst for , and TPRA's WNTPRM June 2025 Leader Spotlight. < See All < Previous Next > Kelsey Theroux Third Party Risk Analyst Biography Kelsey Theroux is a third-party risk professional with a strong background in compliance, due diligence, and operational resilience. She began her career in member-facing roles within the banking industry, where she developed a deep appreciation for the systems that uphold trust, accountability, and regulatory integrity. Her early experience in frontline operations naturally progressed into roles focused on backline operations and quality assurance. This foundation eventually led her into risk management, where she has led comprehensive third-party assessments and contributed to building scalable, centralized third-party risk programs. Currently between roles, Kelsey is taking this time to intentionally deepen her expertise in third-party risk, staying engaged with evolving frameworks, tools, and best practices. She believes effective risk management is not just about meeting regulatory requirements, it’s about fostering trust, supporting business continuity, and driving smarter, more resilient partnerships. Beyond her professional work, Kelsey is an active advocate for public health and community causes. She brings that same sense of purpose and dedication to everything she does, whether she’s strengthening an organization’s risk posture or helping drive change in her community. Leadership Characteristics Initiative-Driven, Collaborative, Detail-Oriented, Process Improvement, Strategic Thinker, Resilient, Adaptable, Educator and Mentor, Mission-Oriented. Leadership Challenges "When I stepped into third-party risk management, I faced the challenge of inheriting a program that was outdated and ineffective, all while having limited prior experience in the field. Drawing on my expertise in operations and operational efficiency, I approached the situation with confidence, focusing on streamlining processes and implementing effective strategies. By taking the time to learn the intricacies of third-party risk, I was able to apply my leadership skills to modernize the program, bringing it back up to date and making it more efficient. Through dedication and strategic improvements, I transformed the program into a functional, well-structured framework that aligns with current standards and the organization’s operational needs." Key Take-a-ways "One of the aspects I appreciate most about third-party risk management is the opportunity to dissect processes and uncover gaps. By pulling apart the due diligence of a third party, I can identify areas where vulnerabilities exist, not just within the vendor relationship but across the broader organization. This analytical approach strengthens risk management and presents opportunities to enhance efficiency in other operational areas. Addressing these gaps leads to a more resilient and well-structured framework." Fun Fact "I have been dancing since I was two years old, and it has been an incredible journey. From attending a performing and visual arts high school to competing in dance competitions, every step led to an exciting opportunity to earn a bronze medal as an Olympian in Modern and Jazz Dance. Competing for a spot on the USA dance team was a thrilling experience, and dance has always been a source of joy, discipline, and creativity in my life."

Learn more about NetRise, Inc., a TPRA Advocate Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > NetRise, Inc. Risk Rating/Intelligence Tool Advocate Member CONTACT INFORMATION holly.tam@netrise.io gary.schwartz@netrise.io ryan.owen@netrise.io NetRise helps third‑party risk, procurement, and security teams supplement vendor questionnaires by verifying the software that vendors ship into the enterprise. By analyzing compiled code rather than source code, the NetRise platform creates a binary‑derived software asset inventory that shows what is actually installed and running in your environment. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Third-Party Firmware and Application Risk Assessment Software Bill of Materials (SBOM) Generation, Validation & Assurance Application & Firmware Composition Inventory (Deep Asset Visibility) Compliance, Regulatory Alignment & Audit Support Continuous Monitoring of Vendor Software Risk Across Your Installed Software Inventory Assurance that software patches and updates don’t introduce new risk Supply-Chain Security & Vendor Assurance Workflows (Evidence and Reporting) Exploitability, Reachability & Runtime Impact Analysis Broad Platform Support (IoT, ICS, OT, Networking Infrastructure, Web and Mobile Apps, Appliances, Containers) RESOURCES FROM THIS VENDOR MEMBER NetRise - What's Inside Your Software? VENDOR MEMBER RESOURCE | January 7, 2026 Fragile by Design: Large-Scale Evidence of Software Supply Chain Risk VENDOR MEMBER RESOURCE | January 7, 2026 The Dependency Mirage: Hidden Vulnerabilities in Compiled Binaries VENDOR MEMBER RESOURCE | January 7, 2026 Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES ADDITIONAL OPPORTUNITIES Previous Next