Search Results

Learn about Kelsey Theroux, Third Party Risk Analyst for , and TPRA's WNTPRM June 2025 Leader Spotlight. < See All < Previous Next > Kelsey Theroux Third Party Risk Analyst Biography Kelsey Theroux is a third-party risk professional with a strong background in compliance, due diligence, and operational resilience. She began her career in member-facing roles within the banking industry, where she developed a deep appreciation for the systems that uphold trust, accountability, and regulatory integrity. Her early experience in frontline operations naturally progressed into roles focused on backline operations and quality assurance. This foundation eventually led her into risk management, where she has led comprehensive third-party assessments and contributed to building scalable, centralized third-party risk programs. Currently between roles, Kelsey is taking this time to intentionally deepen her expertise in third-party risk, staying engaged with evolving frameworks, tools, and best practices. She believes effective risk management is not just about meeting regulatory requirements, it’s about fostering trust, supporting business continuity, and driving smarter, more resilient partnerships. Beyond her professional work, Kelsey is an active advocate for public health and community causes. She brings that same sense of purpose and dedication to everything she does, whether she’s strengthening an organization’s risk posture or helping drive change in her community. Leadership Characteristics Initiative-Driven, Collaborative, Detail-Oriented, Process Improvement, Strategic Thinker, Resilient, Adaptable, Educator and Mentor, Mission-Oriented. Leadership Challenges "When I stepped into third-party risk management, I faced the challenge of inheriting a program that was outdated and ineffective, all while having limited prior experience in the field. Drawing on my expertise in operations and operational efficiency, I approached the situation with confidence, focusing on streamlining processes and implementing effective strategies. By taking the time to learn the intricacies of third-party risk, I was able to apply my leadership skills to modernize the program, bringing it back up to date and making it more efficient. Through dedication and strategic improvements, I transformed the program into a functional, well-structured framework that aligns with current standards and the organization’s operational needs." Key Take-a-ways "One of the aspects I appreciate most about third-party risk management is the opportunity to dissect processes and uncover gaps. By pulling apart the due diligence of a third party, I can identify areas where vulnerabilities exist, not just within the vendor relationship but across the broader organization. This analytical approach strengthens risk management and presents opportunities to enhance efficiency in other operational areas. Addressing these gaps leads to a more resilient and well-structured framework." Fun Fact "I have been dancing since I was two years old, and it has been an incredible journey. From attending a performing and visual arts high school to competing in dance competitions, every step led to an exciting opportunity to earn a bronze medal as an Olympian in Modern and Jazz Dance. Competing for a spot on the USA dance team was a thrilling experience, and dance has always been a source of joy, discipline, and creativity in my life."

Learn about Jennifer Jones, National Practice Leader/Principal for FORVIS, and TPRA's WNTPRM May 2023 Leader Spotlight. < See All < Previous Next > Jennifer Jones National Practice Leader/Principal FORVIS Biography Jennifer is a Principal within FORVIS’ Advisory division and is the National Practice Leader of the SOC and HITRUST Practice. She works with public and private companies within various industries while focusing on the financial services, technology, and healthcare industries. Her more than 18 years of experience includes leading third-party risk-related engagements issued under the AT-C 105, 205, 215, 315, and 320 standards (SOC 1, SOC 2, Compliance Examinations, General Examinations, Agreed-Upon Procedures), and HITRUST engagements focusing on both IT and business process controls and the underlying general computer controls supporting those processes. Leadership Characteristics Clifton Strengths Finder: Achiever, Focus, Discipline, Significance, Competition Enneagram 1 Myers Briggs ISTJ Responsive, detailed, inclusive, hardworking, honest, loyal, self aware Leadership Challenges Jennifer is a positive and resilient person who remains focused and optimistic in the face of challenges and helps keep team members motivated and positive during hard times. She considers herself extremely coachable and believes the only way to self actualize is to be open to receiving development feedback and acting upon it to constantly improve ones self. Key Take-a-ways Jennifer enjoys helping service organizations demonstrate their process to satisfy their users' third party risk management controls by issuing SOC reports and HITRUST assessments. Fun Fact Jennifer loves Orangetheory Fitness and exercises once or twice most every day. She also has a 14-year-old Teddy Bear breed dog whom she adopted when he was 5.

Learn about Jill Zakarian, Partnerships Manager for Ncontracts, and TPRA's WNTPRM July 2025 Leader Spotlight. < See All < Previous Next > Jill Zakarian Partnerships Manager Ncontracts Biography I'm a former teacher and former small business owner who found my way into TPRM by saying yes to an opportunity. What I didn't realize at the time was how seamlessly my background in education would translate--engaging stakeholders, providing educational resources, and helping others strengthen and mature their TPRM programs. It's been a natural fit that allows me to bridge knowledge gaps and foster meaningful collaboration in the TPRM space. Leadership Characteristics I actually just took a DISC assessment, and my strengths center around communication, reliability, adaptability, approachability, enthusiasm, and building relationships & camaraderie. Leadership Challenges One of the biggest leadership challenges, for me, has been maintaining morale during times of uncertainty. Focusing on controlling what you can control, celebrating any little "win" for your team/colleagues, and advocating for them as best as you can has turned obstacles into opportunities for collaboration and growth. Key Take-a-ways My favorite aspect of TPRM is the constant, endless LEARNING, which I love being a former educator! It operates at the intersection of rapid technology, global interconnectedness, and emerging/unknown risks--that curiosity, adaptability & a growth/learning mindset are critical for success. Fun Fact I love creativity and learning something new on the daily--even if I'm not good at it, ha! I'm really into candle-making and soap-making right now, although it's been a work in progress.

Learn about Lisa-Mae Hill, Director for Venminder, and TPRA's WNTPRM November 2024 Leader Spotlight. < See All < Previous Next > Lisa-Mae Hill Director Venminder Biography Lisa is and dynamic and results-driven Information Security and TPRM Professional with over 15 years of experience, most currently leading a team of 12 in delivering comprehensive risk management, third-party risk management, vendor management, and cybersecurity solutions. Lisa is charged with managing complex projects, mitigating risks for her clients through comprehensive information security and regulation based assessments, and fostering strong relationships to enhance confidence. Lisa is known for her leadership skills and has a laser focus on team development and the growth of her team's professional and personal development. Lisa believes strongly (and has proven in her role) that operational excellence comes from a team that is challenged, rewarded and treated with respect and kindness. She has worked both in the private and public sector as well as across industries and has a love for helping clients feel confident about their Vendor Management program and the direction they take to assess and vet Vendors. She loves to take a complex process like integrating Information Security and technology into TPRM and make it feel attainable and manageable for any level of experience. Her passion is professional education and loves doing webinars, talks and classes for the TPRM and InfoSec community. Leadership Characteristics This was written by an employee (Travis Helton): To Lisa, Lisa, you embody the perfect blend of courage, humility, and care. Your unwavering bravery in the face of challenges inspires us all to push beyond our limits. Despite your remarkable achievements, you remain incredibly humble, always giving credit where it’s due and never seeking the spotlight for yourself. Your thoughtfulness shines through in the small, meaningful gestures that make each team member feel valued and appreciated. Whether it’s a kind word, a thoughtful note, or simply taking the time to listen, your actions consistently show how much you care. You are more than just a leader; you are a friend and mentor who feels like family. Your friendly demeanor creates a welcoming and inclusive atmosphere where everyone feels comfortable and supported. You are always approachable, ready to offer guidance and encouragement, no matter how busy you are. In times of crisis, your calm and composed nature provides a steady hand, guiding us through with confidence and grace. Your genuine kindness and unwavering support make you a pillar of strength, and your dedication to the well-being and growth of your team is truly inspiring. You don’t just lead; you uplift, nurture, and inspire everyone around you, making our workplace feel like a second home. I share this because I am not good at talking about myself and this came unexpectedly today from an employee. Leadership Challenges We have had great change in our company over the last 2 years and I am proud to say that our team worked together through every challenge and came out stronger then ever. I have found the hardest part about leadership is balancing the needs of the business and the people that the business needs. I have always erred on the side of taking care of my team and clients because I firmly believe that the stronger the confidence and loyalty in the team, the better you will always be. Key Take-a-ways TPRM is challenging because you are tasked with accountability and responsibility yet have no control over those that you need information from. It can be frustrating, but the most important thing to remember is a proactive approach with the knowledge of what you want to do and see from your Vendors is key. This helps you stay consistent and gives clear direction to your Vendors! Fun Fact I am a huge dog lover, a mom and a wife. I have a very grumpy old lady Pug, Jazzy Pants as well as an old man black Lab named Cooper. I am also a girl mom with two feral and wild minis that make me laugh everyday as well as double the grey hairs. I love to travel with my husband and I absolutely love to read.

ProcessUnity Third-Party Risk Management protects companies and their brands by reducing risk from third parties, vendors and suppliers. < Back ProcessUnity Wednesday, October 22, 2025 10:30 - 10:55 AM CT TPRM Platform Globe Mail Search Search ProcessUnity Third-Party Risk Management protects companies and their brands by reducing risk from third parties, vendors and suppliers. TPRM expands the scope of risk management to encompass any external party that could pose a risk to an organization, including vendors, contractors, partners and suppliers. With a single, configurable platform, ProcessUnity helps organizations manage the increasing complexity of supply chains and third-party relationships with tools to identify and assess the risks associated with each external party, monitor third-party performance and ensure external control effectiveness. Our software platform empowers you to proactively manage third-party risks and protect your organization from potential cyber threats and business disruptions. ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. The company is headquartered outside Boston, Massachusetts. For more information, visit http://www.processunity.com . Presenter(s) Brad McAdams Director, Risk Solutions Brad McAdams has dedicated his career to Third-Party Risk Management and the broader Cybersecurity and Governance, Risk, and Compliance (GRC) space. He began his journey as a practitioner in the consulting world before transitioning to the software side 15 years ago. Throughout his career, Brad has gained international experience, having been based in both North America and Europe. Previous Next

Learn about Hilda AndelizGomez, VP. Enterprise Third Party Risk Performance Analyst for Valley Bank, and TPRA's WNTPRM August 2025 Leader Spotlight. < See All < Previous Next > Hilda AndelizGomez VP. Enterprise Third Party Risk Performance Analyst Valley Bank Biography Hilda Andeliz is a Dominican American professional with over 10 years of experience in the banking industry. She began her career in retail banking, where she built a strong foundation in operations and customer relationships. Her path into Third-Party Risk Management wasn’t conventional—but the turning point came when a leader saw beyond her résumé. They believed in her potential, recognized the value of her frontline experience, and opened the door to a new career path. Today, Hilda serves as Vice President, Enterprise Third-Party Risk Performance Analyst at Valley Bank, where she oversees third-party performance, regulatory alignment, and operational resilience. She leads with empathy, collaboration, and a deep commitment to continuous growth for herself and those around her. Hilda has shared her journey and insights at events like CeFPro’s Vendor & Third-Party Risk USA and through Aravo’s webinars, championing the belief that growth in risk management is a shared journey driven by support, connection, and purpose.Hilda holds a Bachelor’s degree in Finance from Rutgers University and is a Certified Third-Party Risk Management Professional (C3PRMP). Leadership Characteristics My leadership characteristics are rooted in empathy, integrity, and collaboration. I lead with purpose and adaptability, always focused on creating environments where people feel empowered to grow, contribute, and thrive. I bring a detail-oriented mindset and a passion for continuous improvement, using data, clear communication, and proactive problem solving to drive meaningful results. Whether it’s regulatory stewardship, vendor partnerships, or cross-functional execution, I approach each challenge with a commitment to learning, inclusion, and long-term impact. I believe strong leadership is not just about outcomes—it’s about how we show up for others and create space for innovation and growth. Leadership Challenges One of the most meaningful leadership challenges I’ve faced was stepping into new roles while leading teams with diverse backgrounds, often including individuals with more industry experience or different learning styles. Navigating these dynamics taught me that leadership isn’t about having all the answers; it’s about showing up with humility, listening actively, and creating space for others to thrive. I’ve learned to adapt my approach to meet people where they are, foster an inclusive environment, and lead with empathy and openness. These experiences, much like my own nontraditional path into Third-Party Risk Management, have reinforced my belief that trust, collaboration, and belief in one another are what truly move teams—and careers—forward. Key Take-a-ways One of my favorite aspects of Third-Party Risk Management(TPRM) is how it goes far beyond oversight—it’s about aligning people, processes, and strategy to strengthen the organization as a whole. At its core, TPRM is relationship-driven. The most effective partnerships are built on trust, transparency, and consistent communication. For me, growth in this space begins from within. It starts with believing in yourself and showing up with purpose, courage, and a willingness to evolve. That mindset has shaped how I lead, collaborate, and contribute to the broader mission of risk management. Fun Fact Outside of work, I find balance and energy in the moments that bring me joy and connection. Whether it’s traveling to new places, spending peaceful days at the beach, or dancing to music that lifts my spirits, these experiences help me recharge and stay grounded. The time I treasure most, however, is the time I spend with my daughter. From exploring new adventures to sharing quiet, everyday moments, being with her reminds me of what truly matters. She inspires me to approach life and work with intention, purpose, and gratitude, constantly shaping the example I strive to set for her.

Get to know Kim LaBarbiera, TPRA Board Member, and a member of TPRA's Board of Directors! < Back Kim LaBarbiera TPRA Board Member BOARD OF DIRECTORS Kim M. LaBarbiera is a Board Member for TPRA and specializes in Cybersecurity, Resilience, and Third-Party Risk Management; FinTech; payment processing; bank vendor risk; open banking; compliance audit functions; regulatory requirements; cloud computing and lobbying. Prior to working at American Express, Kim held various legal, compliance, and risk roles at: Goldman, Sachs, USAA, Lloyds Bank, and Société General, among other global financial institutions. Kim holds a BA from Boston College, JD from Seton Hall Law School, and LLM from Georgetown University. She is GDPR, CAMS, CTPRP certified and is pursuing an Executive AI Certification at MIT. She has previously held equity and options principal licenses. Next >

Sayari is the transparency company built to provide immediate worldwide visibility into the relationships between businesses and individuals. < Back Sayari Wednesday, October 22, 2025 2:00 PM - 2:25 PM CT TPRM Platform Globe Mail Search Search Sayari: Company Profile Sayari is the transparency company providing the public and private sectors with immediate visibility into complex commercial relationships. Drawing on a decade of customer-centric innovation and support from industry-leading investors, Sayari has built the largest commercially available collection of trade and public data, transforming it into a dynamic, living model of corporate entities' ownership and trade activity. Sayari's products and platforms harness this model to enable risk resilience, complex investigations, and clear-eyed business decisions. Sayari is headquartered in Washington, D.C., and its solutions are trusted by regulators and regulated organizations in over 35 countries. Sayari Graph: Sayari Graph is a robust investigative platform designed to provide in-depth insights into entities by aggregating data from nearly 600 unique sources across over 250 jurisdictions worldwide. It specializes in uncovering complex ownership and control relationships, adverse media, risk factors, maritime data, and trade information. The platform emphasizes data provenance, ensuring users can trace the origin and recency of information. It offers a user-friendly interface with advanced search capabilities, batch uploads, and a powerful graph visualization tool that helps users understand and analyze relationships and risks associated with entities. Sayari Graph is particularly adept at revealing non-obvious risks by combining corporate ownership data with trade information, making it a valuable tool for due diligence, risk assessment, and compliance. Sayari Map: Sayari Map is a powerful tool designed for supply chain risk management and mapping. Sayari Map empowers supply chain risk management, responsible sourcing, sustainability, and procurement teams to quickly map upstream supply chains, identify supply chain risk, and build comprehensive risk adjudication and monitoring workflows. It leverages a vast dataset of over 600 unique data sources, including trade data from more than 70 countries, to help you identify and mitigate risks in your supply chain. Sayari Signal: Sayari Signal enables organizations to make confident compliance decisions from the comfort of their ERPs by providing unparalleled coverage of non-list-based risk, fully contextualized entity profiles, and the fastest response to new regulations. Signal consists of the following risk modules: Military End User and Military Intelligence End User; Sanctions50; Common High Priority List; Forced Labor; and Sanctions Control. To learn how Sayari powers safer global commerce, please visit sayari.com . Presenter(s) Chad Bush VP of CE Alliances Chad Bush has worked for more than 15 years in the risk and compliance space. Early in his career, he led a team in IBM Global Business Services that provided consulting services for financial crimes teams in financial services. Subsequently, Chad was one of four team members who built the Dun & Bradstreet risk and compliance line of business and the solutions that supported it. In this role, Chad advi… Show More Previous Next

The TPRA created the TPRM Service Provider Innovator Award to honor service providers delivering innovative, efficient tools for practitioners to assess, mitigate, and manage third party risk. TPRA Third Party Risk Management Service Provider Innovator Award 2025 Innovator Award Winner Applications Closed Opens Thursday, January 1, 2026 AWARD DETAILS One of the objectives of the Third Party Risk Association (TPRA) is to promote the value that Third Party Risk Management (TPRM) Service Providers add with regard to advancing the TPRM industry as a whole. In support of this objective, the TPRA created the “TPRM Service Provider Innovator Award” to recognize all of the work TPRM Service Providers put into delivering innovative, efficient, and effective tools and techniques for Practitioners to leverage to assess, mitigate, and manage the risk of third parties. AVAILABLE AWARDS Excellence Award: GRC/TPRM Platform Excellence Award: Risk Rating/Intelligence Tool Excellence Award: TPRM Services Third Party Risk Management (TPRM) Service Provider Innovator Award TPRA will award one organization as our 2025 TPRM Service Provider Innovator. In addition, we will recognize three Excellence Award Winners across three categories: GRC/TPRM Platforms, Risk Ratings/Risk Intelligence Tools, and TPRM Services. There will be one winner per category. A minimum of five applicants per category is needed to move forward with that category. Award Judges: TPRA Officers, TPRA Board Members, Select TPRA Practitioner Members in Various Industries AWARD CRITERIA Any TPRM Service Provider organization may apply (does not need to be a TPRA Vendor Member). Must be a TPRM Service Provider organization that offers a product and/or service to the TPRM Practitioner community at large to assist with identifying, assessing, monitoring, and/or mitigating third party risk. (Ex. GRC Platform, TPRM Platform, TPRM Service Provider, Risk Rating/Intelligence Tool) Actively advances the industry through pioneering and/or innovating TPRM solutions/services. Regularly collaborates with Practitioners, Regulators, and/or other Service Providers in the creation, implementation, and/or delivery of their innovative products/services. Advocates for and exemplifies social responsibility and philanthropy. Contact Heather Kadavy at heather.kadavy@tprassociation.org with any questions about the award or application process. AWARD TIMELINE Award Opens Application Closes Shortlist Communicated Top 3 per Catagory Interviews Conducted Category Winners Announced Innovator Award Announced & Presented + Excellence Awards Presented Thursday, January 1, 2026 Friday, February 13, 2026 Monday, March 2, 2026 Monday, March 2 - Friday, March 27, 2026 TBD Tuesday, April 21, 2026 at TPRA's 2026 Conference in Denver, CO Applications Closed Opens Thursday, January 1, 2026 Congratulations to Aravo Solutions ! 2025 Innovator Award Winner Congratulations to Aravo & Interos ! 2025 Excellence Award Winners

FOR IMMEDIATE RELEASE Exiger Named 2024 Innovator Award Winner Thursday, April 11, 2024 Robert Huff (left), Senior Vice President, Third-Party & Supply Chain Risk Management Solutions for Exiger, accepts the 2024 Innovator Award from Julie Gaiaschi (right), CEO & Co-founder of the Third Party Risk Association (TPRA) at TPRA's 2024 In-Person Conference in Phoenix, AZ. Exiger Named Third Party Risk Association's (TPRA) 2024 Third Party Risk Management (TPRM) Service Provider Innovator Award Winner PHOENIX, ARIZONA — APRIL 11, 2024 — At the Third Party Risk Association’s (TPRA) 2024 TPRM Conference, “Third Party Risk Madness” in Phoenix, Arizona, TPRA announced Exiger as the 2024 winner for their TPRM Service Provider Innovator Award. “We couldn’t be more excited! Thank you to all of the judges, all of the TPRA leadership, and the TPRM community,” said Brandon Daniels, Chief Executive Officer at Exiger. “Let’s make the world a safer and more transparent place for our customers to succeed!” TPRA had 24 total Service Provider nominations for this award, with 6 organizations chosen to be finalists in the award process. Despite the difficult selection process given the many outstanding service providers, the TPRA Board of Directors and select Practitioners chose Exiger as the overall winner. “What intrigued us the most about this organization is, not only do they obtain large amounts of data and correlate that data against a set of controls and regulations to determine current risks, but the correlation of that information via AI allows them to also provide you with leading risk indicators,” Julie Gaiaschi, CEO & Co-founder of the Third Party Risk Association, noted during her announcement speech. One example of this is that Exiger can provide customers with specific risks as they relate to a piece of software via CVE and the software assessment itself, but also provide leading risk indictors of how the software was developed. Not only does Exiger look at cyber risk, but also financial health, operational, regulatory, reputational, and criminal risk (which includes export controls). Because of their connection to the government, they map regulations to controls and artifacts, as well to determine regulatory compliance, via artificial intelligence (AI). When asked how they maintain the regulatory compliance side with so many new and changing regulations, Exiger stated they are, “...looking at each rule via AI and assessing changes and updates to the policy, rulemaking, or legislation on a regular basis.” In addition, they meet with regulators to help define legislation to ensure they can validate specific controls. The last piece that intrigued TPRA judges was their ability to perform root cause analysis of findings. Their AI model can articulate why risks exist through natural language prompts and provide the evidence it found to support the finding. For all these reasons and more, TPRA selected Exiger as their 2024 TPRM Service Provider Innovator Award winner. About Exiger Exiger got their start in terms of large scale TPRM in this sector with the Defense Counter Intelligence Agency and within the last few years have now branched out into the commercial space (which now makes up the majority of their business). Within the commercial sector, the majority of their clients are in healthcare, Information Communication Technology, and Advanced Manufacturing (or critical infrastructure). They are now seeing an increase in retail as well, post-COVID. Exiger is actively working to simplify the user experience by identifying risk no matter what domain it is in via not only open and privately procured sources, but also by correlating information obtained and within regulations via AI. Their mission is to provide a safer and more transparent space for customers to succeed. For more information about Exiger and their innovative approaches to identifying and mitigating third party risk, visit www.exiger.com . About the Award One of the objectives of the Third Party Risk Association (TPRA) is to promote the value that Third Party Risk Management (TPRM) Service Providers add with regards to advancing the TPRM industry as a whole. In support of this objective, the TPRA created the TPRM Service Provider Innovator Award to recognize all the work TPRM Service Providers put into delivering innovative, efficient, and effective tools and techniques for Practitioners to leverage to assess, mitigate, and manage the risk of third parties. After reviewing the initial applications, TPRA’s seven judges chose six organizations as finalists in the award process. The team of judges then met with these organizations individually to further discuss their application, where they see their organizations headed within the next five years, what they would change about the TPRM industry, and why social responsibility is important to them. “These organizations are all innovative in their own right,” TPRA noted in their initial announcement. “While this award is simply a visible recognition for one, all of these organizations are doing so many innovative and important things to better mitigate risk, improve processing times, reduce resource workload, and provide more meaningful risk identification and mitigation techniques.” This award recognizes a TPRM Service Provider organization that: offers a product and/or service to the TPRM Practitioner community at large to assist with identifying, assessing, monitoring, and/or mitigating third party risk, actively advances the industry through pioneering and/or innovating TPRM solutions/services, regularly collaborates with Practitioners, Regulators, and/or other Service Providers in the creation, implementation, and/or delivery of their innovative products/services, and advocates for and exemplifies social responsibility and philanthropy. Any TPRM Service Provider organization may apply for this award, regardless of membership with the TPRA. “We are extremely grateful to every one of the 24 innovative service provider organizations that applied this year. We look forward to getting to know even more awesome organizations in the coming years and giving them their due recognition through our Innovator Award Program,” Gaiaschi said in closing. ### The Third Party Risk Association was created out of a necessity to build a community of like-minded third party risk professionals to allow for the sharing of best practices, exchanging of ideas, and influencing of an industry. This organization is a 501(c)(6) not- for-profit. MEDIA CONTACT Meghan Schrader Meghan.schrader@tprassociation.org www.tprassociation.org FOR MORE INFORMATION https://www.tprassociation.org/innovator-award Previous Next

Page Not Found. Looks like this page has been hidden or no longer exists. Go to Homepage

You have 100 Loyalty Points Redeem your points for rewards and place your first order. Get Reward Get 100 Loyalty Points for each friend you refer Get special perks for you and your friends Give your friends 100 Loyalty Points. Get 100 Loyalty Points for each friend who buys a plan. Log in to refer * Applies to the lowest priced item in the cart.