top of page

Search Results

392 results found with an empty search

  • TPRA + CeFPro US | TPRA

    Vendor & Third Party Risk USA In Strategic Partnership Between CeFPro and the TPRA October 14 – 15, 2026 | Fort Worth, Texas REGISTER NOW BECOME A SPONSOR BECOME A SPEAKER AGENDA Why Attend? Attending the Vendor & Third Party Risk Conference provides a valuable opportunity to explore how organisations are responding to an increasingly complex third-party risk landscape across sectors. From cloud concentration and ‘too critical to exit’ vendors to fourth- and nth-party exposure across global supply chains, the event will examine how risk leaders are strengthening operational resilience and preparing for real disruption scenarios. The agenda will also explore how organisations are scaling TPRM programmes through technology, including AI, automation, predictive analytics, and continuous monitoring, while navigating evolving regulatory expectations and cybersecurity requirements. Register your interest to be the first to see the agenda when it launches, or secure your place today at the lowest pre-agenda ticket price. Topics & Tracks Operational Risk & Resilience From cloud concentration to failure scenarios, incident response and fourth & nth party risk in complex supply chains. Innovation & Automation Explore how organizations are using AI & automation, predictive analytics & risk forecasting, and continuous monitoring to strengthen and scale TPRM programs. Regulation & Standards Understand the evolving regulatory expectations across US regulators and global jurisdictions, including cybersecurity requirements, audit readiness, and demonstrating effective third-party risk controls while balancing innovation with compliance. Tickets & Pricing Single Ticket $799 per person For individual TPRM practitioners* *those who assess, monitor, mitigate, etc., third party risk within their own organizations Register Group Ticket $639.20 per person For teams of 5 or more TPRM practitioners* *those who assess, monitor, mitigate, etc., third party risk within their own organizations Register Vendor Ticket $1499 per person For those representing information or service providers* *Vendor, platform or tool provider, consultant, TPRM services, etc. Register ⭐ TPRA Members are eligible for 15% off ! Email info@tprassociation.org for the code! TPRA Member Discount TPRA Members can use the code below to get 15% off their tickets to this event. If you cannot see the code below, please check that you are logged into your account. If you experience any issues, please email us at info@tprassociation.org . Heading 5 Thank you to our sponsors! Knowledge Partner Knowledge Partner Knowledge Partner Co-Sponsor This event is brought to you by the Third Party Risk Association (TPRA) and the Center for Financial Professions (CeFPro) as part of our strategic partnership, bringing together practitioners and industry experts to share practical insights and real-world experiences. + REGISTER NOW BECOME A SPONSOR BECOME A SPEAKER SUBSCRIBE TO UPDATES

  • VIRTUAL CONFERENCE | TPRA

    Join TPRA’s free 2025 Virtual Conference on September 10 to explore continuous improvement in Third Party Risk Management. Attend expert-led sessions, earn CPE credits, and enhance your TPRM strategy. 2026 Virtual Conference Emerging Risks & Operational Resiliency Wednesday, September 9, 2026 • 9:00 AM - 4:00 PM Central Open to All • Free • 6 CPE Credits Available Register Now Join the Third Party Risk Association (TPRA) for our 2026 Virtual Conference: " Emerging Risks & Operational Resiliency " on Wednesday, September 9 , 2026, from 9:00 AM to 4:00 PM CT . What to Expect As organizations navigate an increasingly complex risk landscape, this conference will explore the latest emerging threats—from evolving regulatory expectations to third party vulnerabilities and operational disruptions. Attendees will gain actionable guidance on strengthening resilience, enhancing risk frameworks, and proactively addressing uncertainties that can impact business continuity. Through expert-led sessions, participants will leave better equipped to anticipate challenges, adapt to change, and build more robust, future-ready organizations. Who Should Attend? This conference is ideal for: TPRM professionals seeking to enhance their programs Risk management and compliance officers Procurement and vendor management specialists IT and cybersecurity professionals involved in third party risk Whether you’re focused on third-party risk, enterprise risk, or operational continuity, this event offers valuable perspectives and tools to help you stay ahead in a rapidly shifting environment. Register Now TRACK 1 Driving Resilience Through Continuous Improvement TRACK 2 Driving TPRM Transformation Through Innovation TRACK 3 Navigating Emerging Risks & Regulatory Change Agenda 8:55 AM - 9:00 AM CT General Session Welcome & Kick-Off Julie Gaiaschi, CEO & Co-founder, TPRA Kick off this virtual conference with a few words from Julie Gaiaschi , CEO & Co-founder of the Third Party Risk Association (TPRA). View Session 12:00 PM - 1:00 PM CT Meal Lunch Take a break to enjoy some lunch before jumping back into learning with our next session staring at 1 PM CT! View Session 3:50 PM - 4:00 PM CT General Session Conference Conclusion Julie Gaiaschi, CEO & Co-founder, TPRA We will close out this event with a few announcements and drawings for raffle prizes! View Session Speakers Apply to Speak Julie Gaiaschi CEO & Co-founder Third Party Risk Association (TPRA) Thank you to our Sponsors ! Interested Sponsors Be sure to visit their virtual booths during the event!

  • INNOVATOR AWARD – Open to All | TPRA

    The TPRA created the TPRM Service Provider Innovator Award to honor service providers delivering innovative, efficient tools for practitioners to assess, mitigate, and manage third party risk. TPRA Third Party Risk Management Service Provider Innovator Award 2026 Innovator Award Winner AWARD DETAILS One of the objectives of the Third Party Risk Association (TPRA) is to promote the value that Third Party Risk Management (TPRM) Service Providers add with regard to advancing the TPRM industry as a whole. In support of this objective, the TPRA created the “TPRM Service Provider Innovator Award” to recognize all of the work TPRM Service Providers put into delivering innovative, efficient, and effective tools and techniques for Practitioners to leverage to assess, mitigate, and manage the risk of third parties. AVAILABLE AWARDS Excellence Award: GRC/TPRM Platform Excellence Award: Risk Rating/Intelligence Tool Excellence Award: TPRM Services Third Party Risk Management (TPRM) Service Provider Innovator Award TPRA will award one organization as our 2026 TPRM Service Provider Innovator. In addition, we will recognize three Excellence Award Winners across three categories: GRC/TPRM Platforms, Risk Ratings/Risk Intelligence Tools, and TPRM Services. There will be one winner per category. A minimum of five applicants per category is needed to move forward with that category. Award Judges: TPRA Officers, TPRA Board Members, Select TPRA Practitioner Members in Various Industries Category Descriptions Below you can find brief descriptions of the TPRM Service Provider categories available for this award. Please ensure you apply for the category that most accurately aligns with your organization's tools, products, and or services. TPRM Platform A software system designed to manage Third-Party Risk Management (TPRM) programs, which involves identifying, assessing, mitigating, and monitoring risks associated with external companies that an organization works with. GRC Platform A software tool that tracks, monitors, and manages governance, risk, and compliance activities at the enterprise level. This tool usually encompasses more than one risk-related department and encourages risk management at the highest level for an organization. Risk Ratings/Intelligence Tool A system or software application used to evaluate and quantify the potential likelihood and severity of risks associated with a particular incident or investment, typically assigning a numerical rating to each risk to facilitate prioritization and decision-making within risk management processes. TPRM Services An organization that assists with the implementation of TPRM programs and/or the completion of due diligence activities. TPRM Service providers can determine the maturity of your program and enhance operational capabilities. AWARD CRITERIA Any TPRM Service Provider organization may apply (does not need to be a TPRA Vendor Member). Must be a TPRM Service Provider organization that offers a product and/or service to the TPRM Practitioner community at large to assist with identifying, assessing, monitoring, and/or mitigating third party risk. (Ex. GRC Platform, TPRM Platform, TPRM Service Provider, Risk Rating/Intelligence Tool) Actively advances the industry through pioneering and/or innovating TPRM solutions/services. Regularly collaborates with Practitioners, Regulators, and/or other Service Providers in the creation, implementation, and/or delivery of their innovative products/services. Advocates for and exemplifies social responsibility and philanthropy. Contact Heather Kadavy at heather.kadavy@tprassociation.org with any questions about the award or application process. AWARD TIMELINE Award Opens Application Closes Shortlist Communicated Top 3 per Catagory Interviews Conducted Category Winners Announced Innovator Award Announced & Presented + Excellence Awards Presented Thursday, January 1, 2026 Friday, February 13, 2026 Monday, March 2, 2026 Monday, March 2 - Friday, March 27, 2026 Monday, April 6, 2026 Tuesday, April 21, 2026 at TPRA's 2026 Conference in Denver, CO Applications Closed Applications will open again in January 2027 Congratulations to Interos.ai ! 2026 Innovator Award Winner Congratulations to Aravo , Interos , & HITRUST ! 2026 Excellence Award Winners

  • Women Lead | Sophie Bennett

    Learn about Sophie Bennett, Previously: VP, Vendor Management for Lloyds Bank, and TPRA's WNTPRM June 2024 Leader Spotlight. < See All < Previous Next > Sophie Bennett Previously: VP, Vendor Management Lloyds Bank Biography I am a professional specializing in Third-Party Risk Management. My unique global perspective has been shaped by 10 years working across UK, the Philippines and New York (7 years). My background in procurement, supplier assurance, and supplier management equips me to deliver effective results. I am deeply committed to meeting internal needs while adeptly managing evolving external risks in a fast-paced environment. At Lloyds Bank North America I was responsible for overseeing around 300 vendor relationships! Leadership Characteristics Leading with kindness and empathy. Diversity and inclusion can underpins success! Leadership Challenges I arrived to New York from London more than seven years ago where I built up the procurement and supplier assurance policies and procedures for Lloyds Bank North America. Key Take-a-ways My favorite aspect of TPRM is that it is ever-evolving! Fun Fact I've featured as an extra in Law and Order: Special Victims Unit

  • JOIN | TPRA

    Explore TPRA membership plans and pricing for practitioners and vendors. Join to gain access to exclusive resources, events, networking, and certifications tailored for TPRM professionals. Join the TPRA Find the one that works for you! TPRM Service Providers (including but not limited to TPRM Platforms, Risk Ratings/Intelligence Tools, GRC Platforms, TPRM Services, Consultants, etc.) should email Heather Kadavy to purchase a Vendor Member Plan. If you are a start-up organization, check out our Incubator Program for a unique Vendor Membership opportunity. Standard Plan (New) $ 0 0$ For Third Party Risk Management (TPRM) Practitioners Valid for 2 years Join TPRM Monthly & Quarterly Meetings Access to Slack Practitioner Member Forum Access to Members-Only Site with Guidance, Tools, Templates Quarterly TPRA Newsletter Discount In-Person Conference & Free Virtual Access to Blog Posts, TPRM Videos, & Certification Program Access to TPRM Service Provider Contacts, Demos, & Webinars And More Best Value Premium Plan - 1 Yr $ 199 199$ Premium Practitioner Plan (Does Not Auto Renew) Valid for one year Join All the benefits of the Standard Practitioner Plan A 50% Off Discount to the TPRA Spring In-Person Conference Free T-Shirt & VIP Designation at In-Person Conference Priority Access to Select In-Person Conference Sessions Early Access to Event Registrations & TPRA Products Discounts on Current & Future Certifications Offered by TPRA Exclusive, Monthly TPRM "Informational Briefing" for Leaders Note: Standard Practitioner Plans expire after two years. Premium Practitioner & all Vendor Plans require manual renewal annually.

  • FusionAIrre | Vendor Member Profile

    Learn more about FusionAIrre, a TPRA Incubator, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > FusionAIrre TPRM Platform Incubator Member CONTACT INFORMATION Stephanie Greer CEO & Founder Stephanie@FusionAIrre.ai +1 (919) 271-4341 FusionAIrre.a i Tom Garrubba Cofounder & Chief Commercial Officer Tom@FusionAIrre.ai +1 (412) 720-4248 FusionAIrre.ai Trust Has Become a Business Requirement. Organizations today face unprecedented pressure to demonstrate trust across a growing number of stakeholders. FusionAIrre helps organizations respond to customer, regulatory, and due-diligence requests faster, more accurately, and with greater confidence through agentic AI, governed workflows, and enterprise orchestration. As External-Party Assurance demands continue to grow, FusionAIrre is redefining how organizations demonstrate trust, accelerate business, and maintain compliance at scale. TOP PRODUCT FUNCTIONALITY CATEGORIES FusionAIrre enables organizations to respond to customer, regulatory, and due diligence requests through a single, governed platform—delivering fast, consistent, and audit-ready assurance at scale. Complete External-Party Assurance in hours not days or weeks through governed AI, structured workflows, and reusable, evidence-backed responses. Show More RESOURCES FROM THIS VENDOR MEMBER Load More EVENTS FROM THIS VENDOR MEMBER NEWS & UPDATES Delta Dental of NJ and Connecticut PR Newswire: FusionAIrre & Delta Dental of NJ and Connecticut June 18, 2026 Scheider Downs PR Newswire: FusionAIrre & Schneider Downs June 4, 2026 ADDITIONAL OPPORTUNITIES Previous Next

  • Bitsight | Vendor Member Profile

    Learn more about Bitsight, a TPRA Champion Member, through this comprehension profile, including a bio, product functionality, contact info, and more. < Main Page < Previous Next > Bitsight Risk Ratings/Intelligence Champion Member CONTACT INFORMATION Michael Hermann Enterprise Sales Director michael.hermann@bitsight.com Bitsight delivers an integrated third-party risk management solution that enables organizations to measure, monitor, and mitigate vendor and supply chain risk using real-time cyber intelligence. Built on one of the world’s largest external cybersecurity datasets and powered by AI, Bitsight TPRM transforms third-party risk programs from manual, point-in-time assessments into continuous, outcomes-driven operations across the vendor lifecycle. Show More TOP PRODUCT FUNCTIONALITY CATEGORIES Third Party/Supply Chain Risk Management Cyber Risk Intelligence Continuous Monitoring Vulnerability Detection and Response Fourth Party Risk Management Dark Web Intelligence for Supply Chains Vendor Onboarding & Assessment Vendor Collaboration and Risk Reduction Exposure / Attack Surface Management Professional Services RESOURCES FROM THIS VENDOR MEMBER How Early Signals Surfaced by Dark Web Intelligence Enhance Supply Chain Cyber Resilience VENDOR MEMBER RESOURCE | March 6, 2026 Dark Web Intelligence for Supply Chains: From Reactive TPRM to Threat-Led Defense VENDOR MEMBER RESOURCE | March 6, 2026 A Third-Party Risk Management Framework Template: 10 Critical Elements VENDOR MEMBER RESOURCE | January 9, 2026 Load More EVENTS FROM THIS VENDOR MEMBER After Mythos: How Security and Risk Teams Take Action and Prove Resilience Webinar July 16, 2026 Doomed or Prepared? How Frontier AI Models Reshape TPRM Programs Webinar July 23, 2026 NEWS & UPDATES Bitsight Launches Industry’s First Dark Web Intelligence for Supply Chains, Empowering Organizations to Predict and Prevent Third-Party Exploits February 10, 2026 ADDITIONAL OPPORTUNITIES Previous Next

  • TPRM Service Providers | TPRA

    Leverage this list of third party risk management service providers in various categories to find the right vendor for your needs. TPRM Tools At the Third Party Risk Association, we know that finding the right vendor for your needs can be a challenge. Often, organizations may not even be aware of the potential vendors in the space. We're aiming to compile an exhaustive list of TPRM vendors across various categories to make your life a little easier. This list of TPRM Vendors is not affiliated with the TPRA, and the TPRA does not receive any monetary gain from listing them below. If you are a TPRM Vendor and would like to be included in the list below, please email Heather Kadavy at heather.kadavy@tprassociation.org . Filter by Category Select Category Filter by TPRA Membership Select Status Search by Organization Select Organization Number found: 164 Search Clear Filters Category Name TPRA Member? URL GRC Platform 360Factors Inc No https://www.360factors.com GRC Platform Acuity Risk Management No http://acuityrm.com GRC Platform Archer Integrated Risk Management No https://www.archerirm.com/third-party-governance GRC Platform CoreStream No http://corestreamplatform.com GRC Platform DVV Solutions TPRM No https://www.dvvs.co.uk GRC Platform Diligent No https://www.diligent.com/ GRC Platform Drata Yes https://drata.com/ GRC Platform Ethico No http://www.ethico.com GRC Platform LogicGate No https://www.logicgate.com/solutions/third-party-risk-management/ GRC Platform MetricStream No https://www.metricstream.com GRC Platform Navex No https://www.navex.com/en-us/products/navex-irm-integrated-risk-management/third-party-risk-management/ GRC Platform Onspring No https://onspring.com/solutions/governance-risk-compliance/third-party-risk-management/ GRC Platform OpenPages GRC by IBM No https://www.ibm.com/products/openpages-with-watson?utm_content=SRCWW&p1=Search&p4=43700070084211913&p5=p&gclid=f61d865decc71a305683e4bf26ab6b2c&gclsrc=3p.ds GRC Platform Optro (pka Auditboard) No https://optro.ai/ GRC Platform PROXORA No https://www.proxora.com/en/ GRC Platform Reasonable Risk No https://www.reasonablerisk.com/ GRC Platform RiskOptics formerly Reciprocity No https://reciprocity.com/ GRC Platform SAI 360 GRC No https://www.sai360.com/ GRC Platform SAP Risk Management No https://www.sap.com/products/financial-management/risk-management.html GRC Platform ServiceNow GRC No https://www.servicenow.com/products/governance-risk-and-compliance.html GRC Platform Standard Fusion No https://www.standardfusion.com/ GRC Platform Tandem Yes https://tandem.app/ GRC Platform TutelaSolutions No https://www.tutela-solutions.com/ Research & Educational Community Cloud Security Alliance (CSA) Yes https://cloudsecurityalliance.org/ Research & Educational Community Dynamic Standards International (DSI) No https://dsi.org/about Research & Educational Community FAIR Institute Yes https://www.fairinstitute.org Research & Educational Community Fintech Training Center Yes https://fintechtrainingcenter.com/ Research & Educational Community Global Resilience Federation (GRF) Yes https://www.grf.org/ Risk Ratings/Intelligence Argos Risk No https://argosrisk.com Risk Ratings/Intelligence Bitsight Yes https://www.bitsight.com Risk Ratings/Intelligence Black Kite Yes https://blackkite.com/ Risk Ratings/Intelligence Blackwired Pte Ltd No https://www.blackwired.com Risk Ratings/Intelligence BreachSiren No https://breachsiren.com Risk Ratings/Intelligence Continuity Strength Yes https://continuitystrength.com/corporate-support Risk Ratings/Intelligence CyberCert Yes https://cybercert.ai Risk Ratings/Intelligence Cyberwrite No https://www.cyberwrite.com/ Risk Ratings/Intelligence Dark Sky Technology, Inc. No http://www.darkskytechnology.com Risk Ratings/Intelligence Dun & Bradstreet No https://www.dnb.com/solutions/manage-supplier-risk.html Risk Ratings/Intelligence FortifyData No http://www.fortifydata.com Risk Ratings/Intelligence GRMS | Global Risk Management Solutions No http://www.GlobalRMS.com/Difference Risk Ratings/Intelligence ISS Corporate Solutions No https://www.isscorporatesolutions.com/solutions/security-suite/ Risk Ratings/Intelligence Interos Yes https://www.interos.ai/ Risk Ratings/Intelligence Ionix previously Cyberpion No https://www.ionix.io/ Risk Ratings/Intelligence KHARON No https://www.kharon.com/ Risk Ratings/Intelligence NetRise, Inc. Yes https://www.netrise.io/ Risk Ratings/Intelligence Nova Technology Limited No https://nova-doc.com/ Risk Ratings/Intelligence Orpheus Cyber No https://www.orpheus-cyber.com Risk Ratings/Intelligence Owlin No http://www.owlin.com Risk Ratings/Intelligence Panorays No https://www.panorays.com Risk Ratings/Intelligence PromptArmor Yes https://www.promptarmor.com Risk Ratings/Intelligence RapidRatings No https://www.rapidratings.com/ Risk Ratings/Intelligence Recorded Future No https://www.recordedfuture.com Risk Ratings/Intelligence RiskRecon by Mastercard Yes https://www.riskrecon.com Risk Ratings/Intelligence Semantic Visions No https://www.semantic-visions.com/ Risk Ratings/Intelligence Sentrisk No https://www.marshmclennan.com/sentrisk.html Risk Ratings/Intelligence Supply Wisdom Yes https://www.supplywisdom.com/ Risk Ratings/Intelligence TRaiCE No https://www.traice.io Risk Ratings/Intelligence Tenchi Security Yes https://www.tenchisecurity.com/en Risk Ratings/Intelligence The Smart Cube, a WNS company No https://www.thesmartcube.com/solutions/procurement-supply-chain/supplier-risk-intelligence/ Risk Ratings/Intelligence UpGuard No https://www.upguard.com/ Risk Ratings/Intelligence Vendict No https://www.vendict.com/ Risk Ratings/Intelligence Veridion No https://veridion.com/ TPRM Integration Tool PsyberCog Labs Yes https://www.psybercog.com TPRM Platform Anqa Yes https://www.anqa.ai/ TPRM Platform Aprovall Yes https://www.aprovall.com/en/ TPRM Platform Aravo Yes https://www.aravo.com TPRM Platform Atlas Systems No https://www.atlassystems.com/solutions/third-party-risk-management TPRM Platform Blue Umbrella No http://www.blueumbrella.com TPRM Platform BlueVoyant Yes https://www.bluevoyant.com/ TPRM Platform Censinet No https://www.censinet.com TPRM Platform Certa Yes https://certa.ai TPRM Platform Clarative AI Yes https://www.clarative.ai/ TPRM Platform Clarity360 (Kroll) No https://www.krollclarity.com/ TPRM Platform Coverbase Yes https://coverbase.ai/ TPRM Platform Crossword Cybersecurity No https://www.crosswordcybersecurity.com/ TPRM Platform CyberGRX (now ProcessUnity) No https://www.cybergrx.com TPRM Platform DSALTA No https://www.dsalta.com/ TPRM Platform DocuBark Yes https://docubark.com/ TPRM Platform DoubleCheck Software No http://www.doublechecksoftware.com TPRM Platform EthixBase360 (formerly EthixBase) No https://ethixbase360.com/ TPRM Platform Exiger No https://www.exiger.com/ TPRM Platform Fabrik Yes https://www.thetrustfabrik.com/ TPRM Platform Findings No https://findings.co/ TPRM Platform FlowForma No http://www.flowforma.com/flowassure TPRM Platform Fortress No https://fortress.ai/ TPRM Platform FusionAIrre Yes https://www.fusionairre.ai/ TPRM Platform Gatekeeper No https://www.gatekeeperhq.com TPRM Platform GraphiteConnect No https://www.graphiteconnect.com/ TPRM Platform Halo Ai No https://gohalo.ai/ TPRM Platform Hellios Information No https://hellios.com/ TPRM Platform Kobalt Labs No https://www.kobaltlabs.com/ TPRM Platform Lema Yes https://www.lema.ai/ TPRM Platform Locktivity Yes https://www.locktivity.com/ TPRM Platform LogicManager No https://www.logicmanager.com/ TPRM Platform Mitratech Yes https://mitratech.com/ TPRM Platform MyRiskShield No https://www.myriskshield.com/ TPRM Platform Ncontracts No https://www.ncontracts.com/ TPRM Platform OneTrust Yes https://www.onetrust.com TPRM Platform Perimeter (formally ProcessBolt) No https://perimeter.net/ TPRM Platform Portend AI Yes https://portend.ai/ TPRM Platform ProcessUnity Yes https://www.processunity.com TPRM Platform Protecht No https://www.protechtgroup.com/en-us/ TPRM Platform Resilinc No http://www.resilinc.ai TPRM Platform Risk Ledger No https://riskledger.com/ TPRM Platform Safe Security Yes https://safe.security/ TPRM Platform Sayari Yes https://sayari.com/ TPRM Platform SecureOS Yes https://www.secureos.co/ TPRM Platform SecurityScorecard Yes https://www.securityscorecard.io TPRM Platform Shift Security Yes https://www.shift.security/ TPRM Platform Smarsh (formerly Privva) No https://www.smarsh.com/platform/cybersecurity-risk-management/vendor-risk-management TPRM Platform Sphera (formerly RiskMethods) No https://sphera.com/supply-chain-risk-management/ TPRM Platform Start No https://www.startvrm.com/ TPRM Platform TDI No https://tdinternational.com/ TPRM Platform Tekrisq Yes https://tekrisq.com/home TPRM Platform ThirdOrbit Yes https://thirdorbit.io TPRM Platform ThirdPartyTrust (a Bitsight company) No https://www.thirdpartytrust.com TPRM Platform Trust Your Supplier No https://trustyoursupplier.com/ TPRM Platform TrustExchange No https://www.trustexchange.com TPRM Platform VISO TRUST No https://www.visotrust.com TPRM Platform Vanta Yes https://vanta.com TPRM Platform Velocity (Stern Security) No https://www.velocitysec.com/ TPRM Platform VendorRisk No https://www.vendorrisk.com TPRM Platform Vendorly No https://www.vendorly.com/ TPRM Platform Whistic No https://www.whistic.com TPRM Platform myCYPR No https://www.mycypr.com/ TPRM Services AML RightSource No http://www.amlrightsource.com TPRM Services BDO USA No https://www.bdo.com TPRM Services BraunWeiss Inc. Yes https://www.braunweiss.net/ TPRM Services CRFQ Yes https://www.crfqnow.com/ TPRM Services Cadre No https://www.cadre.net TPRM Services CastleHill Risk No https://www.castlehillrisk.com TPRM Services Center for Financial Professionals (CeFPro) Yes https://cefpro.com/ TPRM Services Certificial, Inc. No http://www.certificial.com TPRM Services ComplyScore No https://www.complyscore.com TPRM Services Continuiti Solutions Yes https://continuitisolutions.com/ TPRM Services Continuity Solutions No https://www.continuitysolutions.org/ TPRM Services Copeland BUHL No https://www.copelandbuhl.com/ TPRM Services Crowe No https://www.crowe.com/services/consulting/third-party-risk-management TPRM Services Cyber Future Foundation Yes https://cyberfuturefoundation.org/ TPRM Services DRI International Yes https://www.tprassociation.org/vendor-profiles/dri-international TPRM Services Defentrix No https://www.defentrix.com/ TPRM Services Dixon Hughes Goodman No https://www.dhg.com/services/advisory TPRM Services Evident ID No https://www.evidentid.com TPRM Services Grant Thorton No https://www.grantthornton.com/services/advisory-services/cybersecurity-and-privacy/third-party-risk TPRM Services GuidePoint Security No http://www.guidepointsecurity.com TPRM Services HITRUST Yes https://hitrustalliance.net/ TPRM Services ITPN No http://www.ITPeopleNetwork.com TPRM Services Next Peak Yes https://nextpeak.net/ TPRM Services PRAXIS Technology Escrow, LLC No https://praxisescrow.com TPRM Services RSM US Yes https://rsmus.com/ TPRM Services Risk Tide Solutions Yes https://www.risktide.com/ TPRM Services S&P Global Market Intelligence Yes https://www.spglobal.com/marketintelligence/en/mi/products/ky3p.html TPRM Services Schneider Downs No https://www.schneiderdowns.com/third-party-risk-management TPRM Services Secure Controls Framework (SCF) Yes https://securecontrolsframework.com/ TPRM Services SecureCrest No https://www.securecrest.com TPRM Services Securis360 Inc. Yes https://securis360.com TPRM Services Sidekick Security No https://sidekicksecurity.io/third-party-risk-management/ TPRM Services Source Callé No https://www.sourcecalle.com TPRM Services TUV OpenSky No https://www.tuvopensky.com TPRM Services Third Party Threat Hunting LLC Yes https://thirdpartythreathunting.com/ TPRM Services Truvo Cyber No http://truvocyber.com TPRM Services VIVIDedge No https://www.vivid-edge.com/ TPRM Services Vendor Centric Yes https://www.vendorcentric.com TPRM Services Ventara Risk Solutions Yes https://www.ventararisksolutions.com/

  • VENDOR-PROVIDED RESOURCES | TPRA

    Explore TPRM service provider resources, including tools and documents to enhance your risk management strategy. Access helpful links and information from various providers. Vendor-Provided Resources Here you can find links to resources supplied by TPRA Vendor Members (TPRM Service Providers). Some of these resources require you to input information to obtain the document. Note: TPRA does not support one particular service provider over another, nor do we benefit from providing you the links below. Read and implement at your own risk. If you are a TPRA Vendor Member and have a resource or link you would like to see added to this page, please submit through our Vendor Submissions form , or send it to Meghan Schrader at meghan.schrader@tprassociation.org for review. Filter by Resource Type Blog Checklist Company Information Datasheet Framework Guide Guidebook Infographic Magazine Newsletter Other Playbook Podcast Presentation Report Research State of the Industry Survey Results Template Tool Toolkit Video Whitepaper eBook S&P Global Market Intelligence Whitepaper From Periodic Assurance to Continuous Intelligence Re-architecting Supplier Governance for a Real-Time, AI-Enabled World July 14, 2026 This whitepaper explores how leading companies are shifting from static, point-in-time assurance processes to a proactive, intelligence-driven approach. It highlights the importance of real-time data, advanced AI tools, and a decision-led framework to identify and mitigate risks as they emerge—often within hours, not months. View Resource Aravo Blog Why You Should Vibe Code Your TPRM Solution June 15, 2026 View Resource Aravo Blog Closing the Accountability Gap in an Evolving Compliance Landscape May 26, 2026 View Resource Aravo Blog From AI Ambition to Impact: Building AI-Ready TPRM with Aravo and PwC May 21, 2026 View Resource Aravo Blog Fueling the Enterprise With AI: How Connected Intelligence Powers Smarter TPRM May 4, 2026 View Resource Aravo Blog No More Hype, Just Horsepower: Building the Business Case for AI in Third‑Party Risk Management April 28, 2026 View Resource Aravo Blog Under the Hood: Why Data Transparency and Guardrails Make or Break AI in Third‑Party Risk Management April 28, 2026 Artificial intelligence (AI) has quickly become a core consideration for Third‑Party Risk Management (TPRM), vendor risk management, supplier risk management, and broader extended‑enterprise programs. It promises accelerated onboarding, more complete assessments, and richer insight across complex third‑ and Nth‑party ecosystems. At the same time, it introduces a structural challenge: critical risk decisions are increasingly influenced by systems whose inner workings are not always visible or easily explained. View Resource Center for Financial Professionals (CeFPro) Report The New Risk Landscape: Global CeFPro Risk Outlook Report 2026 April 14, 2026 This report explores how financial institutions are responding to a rapidly evolving risk environment shaped by AI, technology dependency, cyber threats, geopolitics, and systemic interconnectedness. Drawing on insights from 100 global risk professionals, it examines how the hierarchy of risk is changing, and why traditional risk frameworks are increasingly being tested. The CeFPro Risk Outlook 2026 highlights where institutions are investing, where governance and ownership remain fragmented, and where gaps between ambition and execution are creating new vulnerabilities. It also explores how risk leaders are rethinking resilience, accountability, and capability maturity in the face of emerging and interconnected risks. Download the report to uncover the latest data, themes, and strategic insights shaping the future of risk management. View Resource Secure Controls Framework (SCF) Playbook Security, Compliance & Resilience Management System (SCRMS) March 10, 2026 The Secure Controls Framework (SCF) Security, Compliance & Resilience Management System (SCRMS) is intended to be utilized as a holistic, technology-agnostic framework for an entity to design, implement and maintain secure, compliant and resilient capabilities, covering an organization’s People, Processes, Technology, Data and Facilities (PPTDF), regardless of how or where data is stored, processed and/or transmitted. There are two (2) fundamental goals of the Security, Compliance & Resilience Management System (SCRMS): 1. Provide the structure for an entity to be secure, compliant and resilient; and 2. Generate defensible evidence of due diligence and due care that is capable of defending the entity’s cybersecurity and data protection practices to against legal challenges, if an incident should occur. View Resource Aprovall Blog TPRM Organizational Silos: How to Break Down Barriers March 6, 2026 In many companies, organizational silos remain a persistent reality. Procurement, Legal, Compliance, Finance, and IT often still operate as independent units, each with their own tools, priorities, and metrics. Despite years of digitalization efforts, these internal divisions continue to hinder overall organizational performance. View Resource Bitsight Blog Dark Web Intelligence for Supply Chains: From Reactive TPRM to Threat-Led Defense March 6, 2026 View Resource Bitsight Blog How Early Signals Surfaced by Dark Web Intelligence Enhance Supply Chain Cyber Resilience March 6, 2026 View Resource LOAD MORE

  • Exiger Named 2024 Innovator Award Winner | TPRA

    FOR IMMEDIATE RELEASE Exiger Named 2024 Innovator Award Winner Thursday, April 11, 2024 Robert Huff (left), Senior Vice President, Third-Party & Supply Chain Risk Management Solutions for Exiger, accepts the 2024 Innovator Award from Julie Gaiaschi (right), CEO & Co-founder of the Third Party Risk Association (TPRA) at TPRA's 2024 In-Person Conference in Phoenix, AZ. Robert Huff (left), Senior Vice President, Third-Party & Supply Chain Risk Management Solutions for Exiger, accepts the 2024 Innovator Award from Julie Gaiaschi (right), CEO & Co-founder of the Third Party Risk Association (TPRA) at TPRA's 2024 In-Person Conference in Phoenix, AZ. 1/1 Robert Huff (left), Senior Vice President, Third-Party & Supply Chain Risk Management Solutions for Exiger, accepts the 2024 Innovator Award from Julie Gaiaschi (right), CEO & Co-founder of the Third Party Risk Association (TPRA) at TPRA's 2024 In-Person Conference in Phoenix, AZ. Exiger Named Third Party Risk Association's (TPRA) 2024 Third Party Risk Management (TPRM) Service Provider Innovator Award Winner PHOENIX, ARIZONA — APRIL 11, 2024 — At the Third Party Risk Association’s (TPRA) 2024 TPRM Conference, “Third Party Risk Madness” in Phoenix, Arizona, TPRA announced Exiger as the 2024 winner for their TPRM Service Provider Innovator Award. “We couldn’t be more excited! Thank you to all of the judges, all of the TPRA leadership, and the TPRM community,” said Brandon Daniels, Chief Executive Officer at Exiger. “Let’s make the world a safer and more transparent place for our customers to succeed!” TPRA had 24 total Service Provider nominations for this award, with 6 organizations chosen to be finalists in the award process. Despite the difficult selection process given the many outstanding service providers, the TPRA Board of Directors and select Practitioners chose Exiger as the overall winner. “What intrigued us the most about this organization is, not only do they obtain large amounts of data and correlate that data against a set of controls and regulations to determine current risks, but the correlation of that information via AI allows them to also provide you with leading risk indicators,” Julie Gaiaschi, CEO & Co-founder of the Third Party Risk Association, noted during her announcement speech. One example of this is that Exiger can provide customers with specific risks as they relate to a piece of software via CVE and the software assessment itself, but also provide leading risk indictors of how the software was developed. Not only does Exiger look at cyber risk, but also financial health, operational, regulatory, reputational, and criminal risk (which includes export controls). Because of their connection to the government, they map regulations to controls and artifacts, as well to determine regulatory compliance, via artificial intelligence (AI). When asked how they maintain the regulatory compliance side with so many new and changing regulations, Exiger stated they are, “...looking at each rule via AI and assessing changes and updates to the policy, rulemaking, or legislation on a regular basis.” In addition, they meet with regulators to help define legislation to ensure they can validate specific controls. The last piece that intrigued TPRA judges was their ability to perform root cause analysis of findings. Their AI model can articulate why risks exist through natural language prompts and provide the evidence it found to support the finding. For all these reasons and more, TPRA selected Exiger as their 2024 TPRM Service Provider Innovator Award winner. About Exiger Exiger got their start in terms of large scale TPRM in this sector with the Defense Counter Intelligence Agency and within the last few years have now branched out into the commercial space (which now makes up the majority of their business). Within the commercial sector, the majority of their clients are in healthcare, Information Communication Technology, and Advanced Manufacturing (or critical infrastructure). They are now seeing an increase in retail as well, post-COVID. Exiger is actively working to simplify the user experience by identifying risk no matter what domain it is in via not only open and privately procured sources, but also by correlating information obtained and within regulations via AI. Their mission is to provide a safer and more transparent space for customers to succeed. For more information about Exiger and their innovative approaches to identifying and mitigating third party risk, visit www.exiger.com . About the Award One of the objectives of the Third Party Risk Association (TPRA) is to promote the value that Third Party Risk Management (TPRM) Service Providers add with regards to advancing the TPRM industry as a whole. In support of this objective, the TPRA created the TPRM Service Provider Innovator Award to recognize all the work TPRM Service Providers put into delivering innovative, efficient, and effective tools and techniques for Practitioners to leverage to assess, mitigate, and manage the risk of third parties. After reviewing the initial applications, TPRA’s seven judges chose six organizations as finalists in the award process. The team of judges then met with these organizations individually to further discuss their application, where they see their organizations headed within the next five years, what they would change about the TPRM industry, and why social responsibility is important to them. “These organizations are all innovative in their own right,” TPRA noted in their initial announcement. “While this award is simply a visible recognition for one, all of these organizations are doing so many innovative and important things to better mitigate risk, improve processing times, reduce resource workload, and provide more meaningful risk identification and mitigation techniques.” This award recognizes a TPRM Service Provider organization that: offers a product and/or service to the TPRM Practitioner community at large to assist with identifying, assessing, monitoring, and/or mitigating third party risk, actively advances the industry through pioneering and/or innovating TPRM solutions/services, regularly collaborates with Practitioners, Regulators, and/or other Service Providers in the creation, implementation, and/or delivery of their innovative products/services, and advocates for and exemplifies social responsibility and philanthropy. Any TPRM Service Provider organization may apply for this award, regardless of membership with the TPRA. “We are extremely grateful to every one of the 24 innovative service provider organizations that applied this year. We look forward to getting to know even more awesome organizations in the coming years and giving them their due recognition through our Innovator Award Program,” Gaiaschi said in closing. ### The Third Party Risk Association was created out of a necessity to build a community of like-minded third party risk professionals to allow for the sharing of best practices, exchanging of ideas, and influencing of an industry. This organization is a 501(c)(6) not- for-profit. MEDIA CONTACT Meghan Schrader Meghan.schrader@tprassociation.org www.tprassociation.org FOR MORE INFORMATION https://www.tprassociation.org/innovator-award Previous Next

  • 2026 Conference Presentations | TPRA

    Access presentation slides from TPRA’s 2025 in-person conference. Review key insights and takeaways from sessions led by industry experts in Third Party Risk Management. 2026 In-Person Conference Presentations Filter by Title Select Title 39 Found Filter by Track Select Track Filter by Date Text Select Date Text Clear Filters Winning Hearts & Minds: Leading Change in TPRM from the Ground Up Verity Billson, Group head of TPRM, Experian Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint Hyper TPRM: Rethinking Third-Party Risk for Scale, Speed, and Confidence Ed Thomas, Senior Vice President, ProcessUnity Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint Ransomware in the Supply Chain: Separating Signal from Noise in Third-Party Risk Kelly White & Allan Liska, RiskRecon Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Third Party Cyber Risk: New Regulatory Trends You Need to Know Jake Olcott, VP Government Affairs, Bitsight Track 4: Compliance Crossing: Mapping the Legal & Standards Landscape Download PowerPoint Distinguishing 2025 AI Hype to 2026 TPRM Transformation Dean Alms, Chief Product Officer, Aravo Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Contract Management: Essential Clauses and Provisions for Risk Mitigation Ryan Hesser, VP TPRM & Legal Counsel, VyStar Credit Union Track 4: Compliance Crossing: Mapping the Legal & Standards Landscape Download PowerPoint The Oxygen Problem: Breathing Life into "Dead-on-Arrival" Questionnaires Steve Cobb & Cody Wright, SecurityScorecard Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint Continuous Monitoring: Evaluating Third-Party Performance Basem Mahmoud, PepsiCo Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint Rethinking Vendor Due Diligence: When Cyber Threats Outpace Traditional Assurance Ryan Patrick, EVP, TPRM Customer Solutions, HITRUST Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Beyond Checklists: Leveraging the MITRE ATT&CK Framework for Dynamic Control Evaluation and Third Party Risk Management Keith Stouder, vCISO Practice Lead, Stern Security Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint Surviving the AI Apocalypse: How to Stay Resilient in the Age of AI Tomer Roizman, Co-Founder & CTO, Lema.AI Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint Agents, GPTs, and copilots, oh my! AI just blew up your TPRM program Jeffrey Wheatman, SVP Cyber Risk Strategist, Black Kite Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Beyond the Checklist: Building a Unified Third-Party Control Framework Jan Stappers, EVP Solutions Strategy, Mitratech Track 4: Compliance Crossing: Mapping the Legal & Standards Landscape Download PowerPoint Careers & Connections: From Pressure to Power: Mastering Stress in the Modern Workplace Kelvin Pruitt, CEO, MentaLIFE Wellness General Download PowerPoint Beyond Limits: Leading From a Place of Power and Potential Ashley Lentz, Elite Coach & Keynote Speaker, Love Powered Leadership Keynote Download PowerPoint AI Risk 2.0: How the risk landscape changes with expanded functionality Shankar Krishnan, PromptArmor; Courney Tuner, Deere & Co; Kathy McKenna Sauermann, Humana; Chuck Walkup, Hubspot Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint What Recent Third-Party Breaches Mean for the Future of TPRM Ram Vemula & Resha Chheda, Safe Security Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Processing Isn’t Deciding: Engage the Humans Eric Rosendaul, Manager, Third Party Assurance, Citizens Track 4: Compliance Crossing: Mapping the Legal & Standards Landscape Download PowerPoint Trailblazing TPRM: From Manual Hikes to Automated Climbs Courtney Turner, Deere & Co Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint How to Leverage Data & AI to Manage Third-Party Risk Lisa-Mae Hill, TPRM Solutions Consultant, Sayari Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint From Manual to Modern: The Predictive Future of TPRM Adrian Conley, Director, Specialty Sales, Vanta Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Best Practice: Combining TPRM and Procurement in ONE team Keith Frantz, Prosper Marketplace Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint Stop Managing Risk in Silos: New Playbooks for Cross-Domain Resilience Jenna Wells, CEO, Supply Wisdom Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint AI Efficiency Meets Third Party Risk Sagar Sudhir Behere, Enterprise (ERM) & Head of Third Party Risk (TPRM) Oversight, Circle Internet Financial, LLC Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Introduction to TPRM: Understanding the Basics Jenn Wilkinson, Cenlar FSB Track 1: Foundation Trail: Where the Journey Begins Download PowerPoint Managing 3rd Party Risk in the Cloud David Kliemann, IBM Track 2: Resilience Ridge: Weathering the Storms Download PowerPoint Peak Performance: Innovative Solutions to Conquer TPRM Challenges Morgan Binder, Brian Howell & Jake Mitchell of Stripe Track 3: Innovation Overlook: A Birds-Eye View Download PowerPoint Escaping the Questionnaire Trap: Data-Driven Visibility and Resilience for Third-Party Software Risk Gary Schwartz, Senior Vice President, NetRise Track 4: Compliance Crossing: Mapping the Legal & Standards Landscape Download PowerPoint Careers & Connections: From Pressure to Power: Mastering Stress in the Modern Workplace Kelvin Pruitt, CEO, MentaLIFE Wellness General Download PowerPoint Navigating the Paradigm Shift from Human Trust to Digital Trust Dr. Jayne Suess, Consultant/Adjunct Professor, Capitol Technology University General Download PowerPoint LOAD MORE

  • Women Lead | Isabel Perez

    Learn about Isabel Perez, Director for USAA, and TPRA's WNTPRM October 2024 Leader Spotlight. < See All < Previous Next > Isabel Perez Director USAA Biography Isabel is a Director on the Enterprise Third Party Risk Management Team. She is responsible for governance activities in support of the Enterprise Third Party Risk Management Program. Isabel joined USAA in 2014 and brings with her over 15 years of Third Party Risk Management, Contract Management and Procurement experience. She also has several years of people leadership and is mentor for her team and others outside of her current role. She has had several leadership roles outside of USAA and enjoys developing and growing individuals to their fullest potential. Her experience comes through working in the Service, Medical and Manufacturing industries. Leadership Characteristics Determined, Problem Solver Leadership Challenges Being taken seriously in a room full of men. Key Take-a-ways "It never gets boring, every day there is something new to learn and do." Fun Fact "I don't know how to swim or ride a bicycle."

bottom of page